Job description Job title: Senior Manager - Cyber in Deals Location: UK
Using a wide variety of technical and sector-specific skills, our Cyber practice works right across KPMG's other disciplines to strengthen our solutions and help protect our clients to allow them to achieve their objectives.
We are experienced in managing diverse issues - no two days are the same. Our work ranges from advising on cyber resilience and privacy to implementing technology solutions through to delivering expertise in due diligence M&A activity on cyber risk.
2021 has been the fastest growth we've seen in over five years and we are investing in our people and in our solution to grow further, not just in the UK but as part of a global practice.
This role is focused on our Cyber in M&A offering, which is one of the fastest growing parts of our Cyber practice. We delivery due diligence, both buy and sell-side, and then work across the deal lifecycle into both large Corporates and Private Equity houses.
There is a tight core team supported by the wider practice depending upon which skills are required. This could be the need for industry expertise OR specific technologies the client / target has. It includes the following:
- "buy-side" Cyber Due Diligence (DD). Sometimes alongside our financial and technology DD teams and sometimes where we are the only KPMG team delivering to others. Rapidly assessing the capability of an organisation through our proprietary scanning technology, interviews and reviews of architectural and procedural documentation. These are short-sharp reviews, often delivered in days, its high-volume and impactful work at the point of the deal.
- Post deal / pre-sale - either integrating organisations in to a large corporate, determining what to keep and what to replace, or working with a PE House across the portfolio to assess areas of remediation. This may involve recommending Threat & Vulnerability management solutions, performing deeper dive benchmark reviews or building capability to help clients respond to a cyber-attack.
- Delivering Sell-side support. This could be through formal Vendor Due Diligence (VDD), or in a 'vendor assist' capacity. Either supporting an organisation prepare for the process of sale to ensure cyber does not have a value impact. Or conducting detailed review work to provide an accurate representation of the organisations current cyber state and its understanding of cyber risk exposure. These are typically larger pieces than buy-side and with greater access to senior management who want to understand any issues we are raising to understand what rapid remediation is possible.
The role will be approximately 70% delivery (predominantly oversight over a delivery team, though there will be hands on delivery also, in particular interviewing senior roles at clients) and 30% sales and practice development.
The individual will have a broad base of skills across Information Security disciplines, the ability to form a view quickly, based on limited information, and a desire to work across multiple industry sectors. The role is perfect for someone looking to work with a variety of organisations, able to interact at the most senior levels in organisations and able to deliver fast-paced opinion.
Other key responsibilities of the role will include
Experience and Skills:
- Building and maintaining relationships with key buyers and buying influences at PE Houses - creating recurring revenue streams.
- Supporting colleagues in our wider team to build relationships with acquisitive listed businesses.
- Maintaining and developing our solutions in this space. This will include the continual improvement of existing methodologies and creating new service offerings with a heavy focus on digitally enabling services and use of innovative tooling and techniques.
- Career development of more junior team members, supporting them to build their IT / cyber-technical capability as well as their commercial / consulting skills.
- Scoping, financial management, managing delivery risk, production and review of deliverables.
- Taking a lead role in sales activities such as responding to RFPs, bid management, proposal writing and client presentations.
- Owning and building the relationship with key internal stakeholders within our Deal Advisory and Consulting practices. This will include building networks within the Cyber and Tech teams, key Business Development Mangers, our 'Deal Connect' community, and relevant parts of Corporate Finance and Transaction Services (in Deals).
A combination of the following:
- A track record of continuous improvement, developing a service offering.
- An understanding of the deal lifecycle and familiarity with key terminology used.
- Capability to succinctly articulate the value impact of cyber in the context of a transaction and effectively quantify the risk of issues identified.
- Ability to work effectively both remotely and in person across a nationally (and sometimes globally) distributed team, with colleagues across multiple different functions.
- Conducting assessments against industry recognised cyber frameworks.
- A working understanding of the cyber kill chain and typical attack paths.
- Familiarity with regulatory compliance models and standards
- Great relationship/stakeholder management skills at all levels.
- Capability to successfully manage a team to deliver a high-quality output within challenging deadlines.
- Proven communication and presentation skills.
- Evidence of personal development of own technical skills, such as completing qualifications like CISSP and CISM