Technology is a key facilitator of rapid global business growth and advancement. It is also a major source of business risk. Boards and senior executives recognise the importance of technology, but often struggle to understand and manage it effectively. Often, business executives and their IT professionals don't speak the same language. This communications gap can lead to misunderstandings and misaligned expectations and outcomes.

KPMG’s IT Advisory practice helps bridging the communications gap between business executives and IT professionals. Our professional assists clients to focus on fundamental business issues that help increase revenues, control costs, and identify and manage risks, including the risks inherent in the technology systems used to support business objectives. IT Advisory Services also provides information to clients to help them meet their strategic and financial goals. Our service offerings are closely aligned to our client’s business IT lifecycle to enable focused advisory efforts at all levels of the IT spectrum.



Working as part of our security team, you will be required to perform IT control environment reviews and Security infrastructure assessment that includes but not limited to the following:

  • Detailed environment security reviews (Wintel, Novell, AS400, Unix).

  • Penetration tests (internal, external, web, wireless).

  • Firewall and router assessments.

  • ERP security reviews (SAP, Oracle).

  • Database security reviews

  • Security framework assessments.

  • Security management and monitoring assessment.

  • Security policy development and assessment.

  • Security training – internal and external.


  • A Bachelor's Degree in Computer Science,/Information Technology/Engineering/any related field.

  • Candidates with CISA , CISSP, Ethical Hacking, CISCO qualifications and/or related certifications would be an advantage.

  • For Senior Associate Level – A minimum of 3 years experience in computing with a sound knowledge of IP networks and associated security issues.

  • Knowledge of security administration, assessment, policy development, firewall/DMZ design and implementation, network security, and or security architecture development. Exposure to a range of industries would be ideal, but not essential. Likely industry exposure will include government, health, energy & natural resources, manufacturing and finance.

  • A team leader and support with good communication, presentation and interpersonal skills.

  • For Associate Level – a good understanding of technology and security concepts and principles plus some working knowledge

  •  Analytical and detail conscious.

  • Independent, self-motivated, organized, and results oriented individuals capable of handling multiple tasks and achieving tight deadlines.

  • Strong analytical and management skills.

  • Good command of English.