Senior Associate, Cybersecurity Job KPMG East Africa

Senior Associate, Cybersecurity Job. IT Jobs In Kenya

Position Summary

We are currently looking for a Senior Associate in our Information Technology Advisory Unit (ITA) to support in managing and executing cybersecurity engagements, including vulnerability assessments, penetration testing, and client advisory on security risks

Read More>>>How Investing In CV Writing Services Got Me More Interviews

Key roles and responsibilities

• Assist in the development of a work plan, budget and quality plan to ensure efficiency, high performance and high-quality work on engagements.
• Maintaining a progress tracker of engagement milestones, tasks, and deliverables.
• Schedule and conduct engagement internal and client kick-off, progress and close out meetings
• Conduct Red Teaming exercises, Vulnerability assessments and penetration tests within the relevant client engagements where applicable.
• Perform social engineering simulations to test human susceptibility in disclosing sensitive information.
• Present security risk exposures to the clients’ senior management.
• Serve as a Subject Matter Expert (SME) in information/cyber security controls and technologies for KPMG clients.
• Review organization’s security architecture, security control frameworks and guidelines.
• Assisting in preparation of technical and commercial value propositions.
• Identify, escalate and pursue opportunities for further work while on an engagement while demonstrating learning from previous engagements.
• Supervise staff level engagement teams. Direct and review the work product of Associates and provides direction and training as necessary
• Conduct trainings and capacity development for junior team members and raise training needs to Managers/Directors where needed
• Risk management – Ensure full compliance with KPMG’s quality, risk and management requirements.
• Any other tasks that will be assigned to you.

Academic/Professional qualifications and Experience:

• Bachelor’s degree in business, engineering, economics, IT or related relevant degree course.
• A minimum of four to six years of relevant work experience in cybersecurity
• Professional qualification in OSCP, OSCE, OCWE, GIAC, CompTIA Security+, CISA, CISM, CEH, or CRTP certification.
• Deep Networking Expertise
  • Understanding of TCP/IP, UDP, DNS, ARP, and other networking protocols, and knowledge of subnetting, firewalls, and network security concepts.
  • Comprehensive understanding of advanced networking concepts, such as VLANs, network segmentation, and secure protocols.
• Proficiency in analyzing and exploiting network protocols such SMB and LDAP.
• Familiarity with Windows and Linux, including command-line tools and system configurations.
• Knowledge of common vulnerabilities and exposure standards (e.g., OWASP Top 10, CVE) and ability to use vulnerability scanning tools like Nessus, OpenVAS etc.
• Hands-on experience with tools like Metasploit, Burp Suite, Wireshark, Nmap, and Kali Linux with understanding of password-cracking tools (e.g., John the Ripper, Hashcat)
• Cloud Security Knowledge – Expertise in testing cloud infrastructures (e.g., AWS, Azure, GCP) for misconfigurations, improper IAM policies, and privilege escalation paths.
• Experience in cloud security assessments including penetration testing.
• Web Application Security Assessment – Familiarity with common web vulnerabilities such as SQL injection, cross-site scripting (XSS), and file inclusion vulnerabilities.
• Proficiency in testing APIs, mobile applications, and containerized environments like Docker and Kubernetes.
• Familiarity with post-exploitation activities, persistence techniques, and methods to evade detection by security solutions.
• Experience in conducting Red Team assessments.
• Ability to document findings clearly and concisely, including technical details and remediation recommendations

Personal attributes:

• Good communication (written and verbal), numeracy, presentation and analytical skills.
• IT proficiency, especially Microsoft Office
• Strong analytical skills and attention to detail.
• High level of integrity and professionalism.
• Self-starter and able to work independently including across multiple priorities and complex matrixed roles and responsibilities.
• Confident, tactful and able to effectively influence others and deal effectively with senior leaders.
• Team player with leadership & team management capability
• Excellent coordination and planning skills
• Multicultural skills to operate across diverse African jurisdictions.
• Resilience, tenacity, and the ability to handle difficult client conversations.
• Comfort with multitasking, flexibility, open-mindedness, and the ability to make quick decisions.

We offer:

• An exciting opportunity to work with a Big 4 firm on cutting edge clients across Africa.
• Continuous learning and development.
• Exposure to multi-disciplinary client service teams.
• Unrivalled space to grow and be innovative.
• Opportunity for international travel

Read More>>>5 Tips for Project Management Experts to End the Year on a High Note

How to Apply

If your career aspirations match this exciting opportunity, please use the link below to apply: Cybersecurity _ ITA Senior Associate – Candidate’s Summary.  Filling the link is mandatory for consideration alongside your application to  talentrecruit@kpmg.co.ke quoting ‘Cybersecurity _ ITA – Senior Associate’ by 17 February 2025.