Information Risk Assessment Assistant Manager

Id Job: 316e354

🏢 On-site

💼 KPMG

📍 London, England

🕒 2 days ago

💰 59850 – 90000 GBP ANNUAL

Job Description

Job details

Location: London

Capability: Technology & Engineering

Experience Level: Associate/Assistant Manager

Type: Full Time

Service Line: EWT Security Ops

Contract type: Permanent

Job description

The Role:

The role sits within KPMG UK’s Information Security Function and provides Security Risk Assessment services to KPMG LLP.

The post holder will report to the Risk Assessment Practice Lead who reports to the Director of Information Assurance.

The postholder will be responsible for working with teams across KPMG LLP to assess risk and determine remediation actions to deliver our products, services and platforms securely.

Key Stakeholders include:
Chief Information Security Officer, Head of Information Assurance, and Head of Security Operations
Business and functional managers across the firm including Project Managers, BISOs (Business Information Security Officers), Procurement, and Supplier Managers
Chief Information Officer, and the IT Service Provider community in the firm
Senior Managers, Directors, and Partners from across the UK firm, KPMG Global, and other KPMG member firms who act as Information/Application/Product Owners

Key Responsibilities:

Information risk assessment
Support the information risk assessment capability and team
Support the delivery of a highly quality and timely information risk assessment (including Business Impact Assessment) service to the firm
Support the requirements of the firm’s information risk management framework, to ensure a consistent and structured approach to information risk management is taken across the firm
Provide consulting advice to project managers and other stakeholders on how best to implement the firm’s information security policies
Support the firm’s mission to build client trust and confidence with regard to information security generally and information risk assessment specifically
Stay abreast of industry best practice in relation to information risk assessment, and information technologies.

Policy

Support the development of the UK firm’s information security policies
Promote good information security practice and standards across the firm’s Risk management
Proactively foster an environment that drives appropriate information risk control behaviour, including early anticipation, identification and mitigation of information risk, escalating issues in line with the Information Risk Management Framework.
Support the on-going development and maintenance of the firm’s Information Risk Management Framework, including its supporting methodologies, processes and artefacts.

Awareness and collaboration

Establish strong relationships with business and functional teams
Establish effective relationships with IT service providers and other relevant stakeholders
Build on and preserve the firm’s reputation with clients, with regard to information security

Skills Requirements:

Technical knowledge and qualifications
Demonstrable experience of information security within a specific information risk consulting and assessment/audit capacity
Good knowledge of one or more information security standards (e.g. Cyber Essentials, ISF Standard of Good Practice for Information Security, ISO 27001, NIST Cybersecurity Framework, CIS Top 20 Controls)
Good understanding of privacy requirements (including GDPR)
Good working knowledge of the IT security aspects of IT infrastructure (network and servers) and services, including Cloud computing
Security certifications essential or working towards (CISSP, CISA, CRISC or equivalents)
Leadership skills
Strong influencing skills
Ability to deal with a broad range of stakeholders at all levels, both internal and external, in a confident and assured manner
Ability to prioritise and manage a complex workload, including multiple tasks for themselves.
Analytical skills
Proven ability to identify and articulate information security requirements, risks and issues, and to make clear decisions and recommendations
Ability to understand business drivers and risk appetite and to align information security compliance accordingly
Strong analytical and problem solving skills
Personal qualities
A good team player, with the ability to act independently and exercise sound judgment
Excellent communication skills, both written and verbal
Multi-cultural awareness and sensitivity
Strong integrity, independence and resilience
Excellent attention to detail combined with strategic vision

Why Technology & Engineering at KPMG?

Technology is at the heart of what we do and part of the very DNA of our business. That’s why we’ve invested in a single powerful team of connected technologists. 1,500 specialists, creating a step change in the way we work. Broader, deeper expertise, which is delivered to our clients faster than ever. Our connected solutions stretch across a range of specialisms too. From technology transformation, cyber and risk management through to security operations, data and analytics, automation, powered apps and Cloud. This is an opportunity to join a team that combines the entrepreneurial spirit and imagination of a start-up with the resources only a global network can provide. We’re committed to simplified structures and are investing in workplace tools that enable us to collaborate and innovate whether you’re working at home, in our office or at client sites.

Read about Technology & Engineering

Apply Go Back

Related Jobs

Hair Stylist
Supercuts
Cobham, Kent, South East England, England
1 day ago

Apply

Find The Best Job Vacancies in Various industry sectors 121810+ Job Vacancy

Browse 121810 List Available Job Vacancies Today. We Have Worked with 2000+ Trusted Companies around the world