Descriptions
About KPMG in Malaysia's Cyber Defense & Incident Response KPMG Malaysia's Cyber Defense & Incident Response team operates within our Technology Risk & Cybersecurity practice under Technology Consulting. Cybersecurity is a strategic growth priority for the firm as organisations face a rapidly evolving, increasingly sophisticated threat landscape. Our Cyber Defense & Incident Response professionals help organisations detect, respond to and recover from cyber threats by strengthening security operations, vulnerability management, offensive security capabilities and threat intelligence. We combine advanced technical expertise with industryaligned frameworks to help clients build resilient, futureready security programmes. Why This Opportunity Stands Out Senior Associate: - Handson role in vulnerability management, security testing and cyber defense operations - Exposure to enterprisegrade tools and realworld threat scenarios - Opportunity to build strong technical depth under experienced cyber leaders - Clear development pathway towards cyber leadership roles Manager - Senior delivery role with handson involvement in defensive and offensive security engagements - Opportunity to work across vulnerability management, threat detection and incident response - Exposure to advanced security tooling and emerging technologies, including AIdriven detection - Platform to grow leadership capability and contribute to service innovation Associate Director - Strategic leadership role driving the Cyber Defense & Incident Response service line - High visibility with senior client leadership and internal stakeholders - Opportunity to shape nextgeneration Cyber Defense and offensive security offerings - Strong influence on methodology development, thought leadership and talent mentoring
Responsibilities
What Can You Expect Senior Associate: - Handson participation in cyber defense and offensive security engagements - Exposure to regulated and threatdriven environments - Continuous learning in vulnerability assessment, penetration testing and attack simulation - Close collaboration with Managers, Associate Directors and SOC teams Manager: - Handson leadership of cyber defense engagements across multiple clients - Close collaboration with governance, risk and compliance teams - Exposure to complex regulatory and threatdriven environments - Continuous learning in advanced threat detection and attack simulation techniques Associate Director: - Ownership of Cyber Defense capability delivery, growth and quality - Trusted advisor role to clients CISOs, CIOs and senior risk leaders - Leadership of crossteam collaboration across SOC, GRC and offensive security - Involvement in highimpact proposals, strategic pursuits and industry engagements How Will You Make Your Mark Senior Associate: - Perform vulnerability assessments using tools such as Qualys, Nessus and Rapid7 - Support penetration testing and offensive security activities under supervision - Assist in security monitoring, threat analysis and incident response activities - Document findings, risks and remediation recommendations - Support delivery of regulatoryaligned cybersecurity engagements Manager: - Lead deployment and operation of security technologies such as SIEM, IDS/IPS and EDR - Plan, implement and operate cybersecurity processes, controls and detection capabilities - Deliver vulnerability assessments, penetration testing and remediation tracking engagements - Execute offensive security activities including red team exercises and adversary simulations - Produce actionable remediation plans and prioritised security roadmaps - Support proposal development, solution design and technical presentations Associate Director: - Lead and mature Cyber Defense and Offensive Security service offerings - Define methodologies, standards and policies for vulnerability and penetration testing - Develop nextgeneration threat detection using AI, machine learning and advanced analytics - Perform and oversee malware reverse engineering and advanced threat intelligence - Represent KPMG in thought leadership, client forums, training and industry events - Manage highrisk, complex engagements and ensure delivery excellence - Mentor teams and drive Cyber Defense capability building
Requirements
Who We're Looking For Shared Requirements (Senior Associate, Manager & Associate Director) Education & Experience - Bachelor's degree in Engineering or equivalent technical qualification - Experience range: - Senior Associate: 3-6 years - Manager: 8-10 years - Associate Director: 10+ years - Experience in Cyber Defense, Offensive Security or broader Cybersecurity roles - Strong communication, stakeholder engagement and project management skills - Ability to perform in fastpaced, resultsdriven environments - Willingness to travel where required - Regulatory & Framework Knowledge Strong understanding of: - BNM RMiT (June 2023) - NIST Cybersecurity Framework - ISO 27001:2022 - Securities Commission Malaysia GTRM - Technical Expertise - Handson experience with vulnerability management and offensive security tools such as: - Qualys, Nessus, Rapid7 - NetSparker / Acunetix, ZAP - Veracode, Kali Linux, Burp Suite, Nikto - Experience with SOC environments and threat detection architectures - Strong understanding of attack vectors, malware, TTPs and adversary behaviour - Professional Certifications (RoleDependent) - OSCP, OSWP - CREST, CEH - CHFI, CCMRE - CISSP, CISM, GIAC or equivalent Leadership Attributes Senior Associate: - Strong technical foundation with a desire to deepen cyber specialization - High attention to quality, documentation and learning Manager: - Strong technical leadership with developing peoplemanagement capability - Ability to earn trust through delivery quality and technical credibility Associate Director: - Proven success advising senior executives and leading security teams - Strong people leadership, mentoring and serviceline ownership mindset What to Expect in the Selection Journey - A Friendly Pre-Screening Call - We want you to feel empowered and informed throughout the process - Interview Stage - Our recruitment team will reach out for an initial chat - nothing intimidating, just a conversation to get to know you better. If shortlisted, you'll be invited for an interview in one of the following formats: Virtual interview or Interview at the KPMG In Malaysia Office Make it Count, Make the Difference. Submit your application to KPMG In Malaysia's Cyber Defense & Incident Response - Experienced Hires role today - your journey starts here.
