Associate Director - Cyber Security

KPMG in Bahrain’s Cyber Security practice has a focus on the financial, government, telecom, and industrial sectors. We continuously seek to understand our clients’ cyber security challenges and provide services to improve their cyber security posture, reduce their organizational risk, and therefore reduce risk to their customers and Bahrain as a whole. We seek to be thought leaders and set new precedents in providing guidance and influence on the cyber security ecosystem of Bahrain starting with the regulatory authorities and scaling from multinational corporations down to small-medium enterprises. We invest heavily in the development of our team members and work together with a growth mindset and an attitude of continuous improvement.

Primary Job Responsibilities/Accountabilities

• Be the lead / primary client point of contact for multiple, concurrent projects and see projects delivered end to end with high quality standards in coordination with the engagement manager and director.
• Be responsible for the Business Development Targets (mandatory skill)
• Sector experience should be Financial Services (mandatory), Energy is preferred as well.
• Develop proposals leveraging KPMG internal best practices, coordinating across KPMG global cyber expertise to find the right skillsets, and customizing the approach to fit the client needs
• Serve as performance manager for junior staff and provide guidance and mentorship as part of their professional development and annual goals.
• Contribute to internal practice management initiatives such as cyber security training and knowledge sharing across the Bahrain firm departments.
• Develop thought leadership by coordinating with global cyber studies and performing local cyber studies to highlight key focus areas in Bahrain.
• Provide oversight and quality assurance on technical testing including internal, external, application, infrastructure, cloud and API penetration tests.
• Provide oversight and quality assurance on cyber strategy and design projects for clients by performing control gap assessments, interviewing stakeholders, and providing risk based roadmaps for implementation and execution.
• Provide oversight and guidance on incident response and forensic services to help clients design their incident response programs as well as assist them in identifying, containing, and recovering from cyber security breaches.
• Provide oversight and quality assurance on OT security projects for clients by performing control gap assessments aligned to (ONG-C2M2, NIST, etc.), interviewing OT engineers and providing risk-based roadmaps for implementation and remediation.
• Facilitate training and workshops for clients to walk through tabletop scenarios and general security awareness.
• Lead project management for client cyber solution implementations to select and roll out critical security tools such as SIEM, DLP, PAM, GRC, and others.
• Lead risk assessments across client assets to identify critical information, critical assets, and corresponding controls to reduce risk.
• Lead client discussions to understand their deeper pain points and identify opportunities to provide further value through new engagements.
• Follow internal risk management and reporting procedures for adhering to KPMG global engagement standards.
• Leverage latest methodologies and practices for delivering high quality engagement value and contribute to further developing and improving our methodologies.
• Complete continuous cyber education training courses and conferences to stay up to date on the latest threats and cyber defense approaches.

The Individual

• Bachelor’s or Master’s degree in engineering, computer science, information systems, cyber security or related
• Certified in CISSP, CISM, OSCP, CEH, GIAC, AWS Security

Experience Expected:

• 10+ years of Cyber security consulting experience with a Big 4 or 15+ years of experience as internal cyber security staff
• Demonstrate experience in assessing OT environments will be advantageous