KPMG Cyber Security– Interview mit Sylvain Luiset
Sylvain Luiset, with a Master of Science in Communication Systems from EPFL, is a Senior Consultant and has been working in the Information Protection and Business Resilience team in Zurich since June 2014.
Why did you choose to work in Cyber Security after your studies?
After my studies in Communication Systems where I specialized in Cryptography and Communication Security, starting a career in Cyber Security was the next logic step. When I started my studies at EPFL, Cyber Security was a trendy topic and I was very interested in it from the beginning. Right after my Master, I worked for an international company in Fribourg, mainly focusing on internal projects. As I was interested in client-facing work, I started researching consulting companies that offer such positions in Cyber Security.
Why did you choose KPMG as an employer?
I saw KPMG’s job ad in the Information Protection and Business Resilience team on a job platform and found it very appealing from the beginning. During the recruitment process, I realized that I really wanted to work in consulting and that KPMG was the right employer to start my consulting career. I got the feeling that the position was made for me. At KPMG, I can work on multiple projects at the same time and also work at the clients’ premises. It was a more challenging position as I had never worked directly with clients before but I was ready to take on this challenge.
How did you experience your first days and weeks at KPMG?
On my first day, I participated in the official KPMG Welcome Day. At this introduction day, I not only learned more about KPMG and its vision, I also met colleagues from other departments and built up my first network within the firm. I spent the first week here mainly reading all of the provided information. I also had a mentor who showed me around and explained everything to me. This was very helpful and I still contact him whenever I need advice on career or practical topics.
Can you explain your work in Cyber Security at KPMG?
In Information Protection and Business Resilience, my team offers both Cyber Security and Certification Services for our clients. In particular, we perform penetration testing and vulnerability assessments and offer a wide range of certifications. This means that I not only work on Cyber Security projects but also do Certification projects, which focus more on audit.
My first client project was the certification of a Public Key Infrastructure. I worked directly at the client’s premises conducting interviews to confirm that the client was fulfilling all of the requirements. I did this project together with my mentor and learned a lot about interview techniques.
I particularly like the Cyber Security projects and mostly penetration testing. In such tests, I put myself in hackers’ shoes, initiate cyber-attacks and thus try to find security issues within the client’s infrastructure and processes. Based on these findings, I can make recommendations for the client so the client can effectively protect itself against cybercrime.
What does a typical workday look like in Cyber Security?
There is no typical workday in Information Protection and Business Resilience. Every day is different. I work on various projects with multiple and different team members. I am either at the client’s, doing on-site penetration testing or at KPMG writing reports. We also have a Cyber Lab on our premises for remote penetration testing. There, we have specialized tools, dedicated hardware and vulnerability scanners and the ability to simulate cyber-attacks.
What is your motivation and what do you like most about your job in Cyber Security?
The diversity of the projects, the variety of clients and the fact that all of my projects are challenging and I can learn every day. I particularly like penetration testing. The more experience you have with these tests, the faster you become and it gives the opportunity to always apply the newest hacking techniques. What further motivates me are the report discussions with the client, where we meet with highest level of the organization. These meetings are interesting but also challenging as we need to translate all the technical information into business language and make relevant recommendations.
What is the most challenging part in your job? How do you handle such challenges?
In my opinion, the most challenging part is time management. I normally work on multiple projects at the same time and need to switch quickly from one client to the other.
What do you like most about working with and for different clients? What kinds of clients do you have?
Working in a client-facing job as I do is very interesting. My clients are mainly from the finance, industrial manufacturing, telecommunication and energy production industries. Many of them are international companies but some are not very well-known smaller companies. I like this diversity as I learn a lot about different processes and industries and get to know many people with different technical backgrounds.
Do you also work on international client projects?
I travel quite a lot due to international client projects and on-site testing. So far, I have gone to Dubai, Germany, Singapore and India and worked in very international KPMG teams for multinational clients. I really like the traveling part in my job as I can experience new cultures and ways of working together.
What further development opportunities do you have at KPMG?
KPMG offers external and internal trainings. I just recently did a certification in ethical hacking in Germany and a training on “Industrial Control Systems security” in the United States. Internally, I can attend courses to improve my leadership, sales or presentation skills.
What are the ideal qualifications for starting a career in Cyber Security at KPMG?
When working in Cyber Security, it is important to have a thorough understanding of the field of cyber security, cyber-crime and networking. My colleagues either have a similar background as I do, or hold a Bachelor or Master’s degree in Computer Science or Information Technology. Personality-wise, one needs to like working with clients and have the ability to both quickly adapt to altering situations and to think out of the box.
Do you have a last tip for graduates and students?
Get in contact with potential future colleagues as soon as possible. This could be during a job fair or at one of the specific Campus events. You should also not hesitate to contact future team members on professional platforms, such as Linkedin. In this way, you learn a lot more about the different career opportunities and, more importantly, get to know an employer’s corporate culture.
Sylvain Luiset, IPBR Oktober 2016
Offene Stellen in der Cyber Security bei KPMG
|KPMG AG||Vanessa Heini|
|Badenerstrasse 172||Head Campus Marketing|
|Postfach||HR Marketing & Recruiting|
|8036 Zürich||+41 58 249 62 77|