KPMG US
Overview
Join to apply for the
Manager, Technology Risk
role at
KPMG US
KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you’re looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration, consider a career in Advisory.
Responsibilities
Design, coordinate, and oversee the day-to-day activities related to client engagements in one or more areas such as information technology (IT) strategy and transformation programs, agile software development/DevOps, business continuity and disaster recovery, cybersecurity, cloud providers and other third parties; data management/governance, emerging technology such as AI, automation (robotics, cognitive, and more), and projects; general IT controls (GITCs) and application controls testing, and regulatory/compliance requirements such as Sarbanes Oxley (SOX), FedRAMP and Payment Card Industry (PCI).
Review clients\' IT traditional and agile processes as well as tools for security, resiliency and DevOps controls against leading practice, industry, or client frameworks; assess capability maturity, identify gaps in design and execution of the controls, and communicate issues and recommendations to senior management.
Work with client senior management to design and implement new IT risk and control frameworks, sustainable solutions (including applying knowledge of governance, risk and security tools), operating processes and people models to address key and evolving risks as necessary. Plan and lead (or delegate) kickoff, status, and closing meetings with engagement team and clients.
Supervise and provide performance management for staff resources working on assigned engagements.
Complete comprehensive executive summaries, final reports and deliver to client senior management; document and review engagement workpapers in accordance with KPMG requirements and common industry practice for internal audit and risk consulting client engagements; lead efforts in developing and contributing content to related KPMG knowledge bases and internal practice development initiatives, including but not limited to research, thought leadership, marketing collateral, and share forums/peer exchange materials.
Qualifications
Minimum five years of recent experience working within IT risk (first line or second line of defense), cybersecurity, internal audit or IT compliance function as an internal employee; similar role as part of a professional services firm.
Bachelor's degree from an accredited college/university in an appropriate field; CISA, CISM, CISSP, CRISC or similar certifications preferred; Master’s degree preferred; one or more enterprise technology vendor certifications from IBM, Oracle, Microsoft, Google, AWS, ServiceNow, GitHub, Artifactory, Atlassian, or GitLab preferred.
Prior knowledge leading and executing IT risk consulting, IT process re-engineering, IT audit, and IT internal controls engagements, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, IIA GTAG, Cloud Security Alliance, CMMI, ITIL; proficiency in core requirements and methodologies for SOX internal control programs.
Experience with IT risk management operating models, three lines-of-defense frameworks, integrated risk management practices, and/or risk intelligence capabilities.
Understanding of commonly used enterprise technology infrastructure, CI/CD pipelines and DevOps management products/solutions from IBM, Oracle, Microsoft, Google, AWS, ServiceNow, Jenkins, GitHub, Artifactory, Atlassian, or GitLab preferred.
Strong leadership and executive communication skills, technical knowledge; ability to write at publication quality level to communicate findings and recommendations to clients and senior management; proficiency in executing projects in accordance with leading-practice project management principles.
Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. No sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa.
Ability to travel as necessary.
Company Information KPMG LLP and its affiliates and subsidiaries comply with all local/state regulations regarding salary disclosures and equal opportunity employment. KPMG is an equal opportunity employer and complies with all applicable federal, state, and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable laws. No phone calls or agencies please.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
General Business
Follow this link to obtain salary ranges by city outside of CA: https://kpmg.com/us/en/how-we-work/pay-transparency.html/?id=M105_3_25
Houston, TX
}
#J-18808-Ljbffr
Manager, Technology Risk
role at
KPMG US
KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and do not anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you’re looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration, consider a career in Advisory.
Responsibilities
Design, coordinate, and oversee the day-to-day activities related to client engagements in one or more areas such as information technology (IT) strategy and transformation programs, agile software development/DevOps, business continuity and disaster recovery, cybersecurity, cloud providers and other third parties; data management/governance, emerging technology such as AI, automation (robotics, cognitive, and more), and projects; general IT controls (GITCs) and application controls testing, and regulatory/compliance requirements such as Sarbanes Oxley (SOX), FedRAMP and Payment Card Industry (PCI).
Review clients\' IT traditional and agile processes as well as tools for security, resiliency and DevOps controls against leading practice, industry, or client frameworks; assess capability maturity, identify gaps in design and execution of the controls, and communicate issues and recommendations to senior management.
Work with client senior management to design and implement new IT risk and control frameworks, sustainable solutions (including applying knowledge of governance, risk and security tools), operating processes and people models to address key and evolving risks as necessary. Plan and lead (or delegate) kickoff, status, and closing meetings with engagement team and clients.
Supervise and provide performance management for staff resources working on assigned engagements.
Complete comprehensive executive summaries, final reports and deliver to client senior management; document and review engagement workpapers in accordance with KPMG requirements and common industry practice for internal audit and risk consulting client engagements; lead efforts in developing and contributing content to related KPMG knowledge bases and internal practice development initiatives, including but not limited to research, thought leadership, marketing collateral, and share forums/peer exchange materials.
Qualifications
Minimum five years of recent experience working within IT risk (first line or second line of defense), cybersecurity, internal audit or IT compliance function as an internal employee; similar role as part of a professional services firm.
Bachelor's degree from an accredited college/university in an appropriate field; CISA, CISM, CISSP, CRISC or similar certifications preferred; Master’s degree preferred; one or more enterprise technology vendor certifications from IBM, Oracle, Microsoft, Google, AWS, ServiceNow, GitHub, Artifactory, Atlassian, or GitLab preferred.
Prior knowledge leading and executing IT risk consulting, IT process re-engineering, IT audit, and IT internal controls engagements, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, IIA GTAG, Cloud Security Alliance, CMMI, ITIL; proficiency in core requirements and methodologies for SOX internal control programs.
Experience with IT risk management operating models, three lines-of-defense frameworks, integrated risk management practices, and/or risk intelligence capabilities.
Understanding of commonly used enterprise technology infrastructure, CI/CD pipelines and DevOps management products/solutions from IBM, Oracle, Microsoft, Google, AWS, ServiceNow, Jenkins, GitHub, Artifactory, Atlassian, or GitLab preferred.
Strong leadership and executive communication skills, technical knowledge; ability to write at publication quality level to communicate findings and recommendations to clients and senior management; proficiency in executing projects in accordance with leading-practice project management principles.
Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. No sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa.
Ability to travel as necessary.
Company Information KPMG LLP and its affiliates and subsidiaries comply with all local/state regulations regarding salary disclosures and equal opportunity employment. KPMG is an equal opportunity employer and complies with all applicable federal, state, and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable laws. No phone calls or agencies please.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
General Business
Follow this link to obtain salary ranges by city outside of CA: https://kpmg.com/us/en/how-we-work/pay-transparency.html/?id=M105_3_25
Houston, TX
}
#J-18808-Ljbffr