Information Security Analyst - Governance Risk and Reporting
- Employer: KPMG
- Location: London, United Kingdom
- Salary: Competitive
- Closing date: 30 Apr 2019
- Recruiter Type: Direct Employer
- Sector: Consultancy
- Job Role: Risk Analyst
- Job Type: Permanent
AutoReq ID: 142738BR
Job Title: Information Security Analyst - Governance Risk and Reporting
Country: United Kingdom
Location: London
Function: KPMG Business Services
Service Line: QRM
Service Line Information
Quality and Risk Management are the responsibility of each partner and employee. This responsibility includes the need to understand and adhere to member firm policies and associated procedures in carrying out their day-to-day activities. UK Quality & Risk Management teams help to set, implement and enforce policies and procedures designed to help to enable KPMG UK and its personnel to achieve the following key objectives: (i) oversee and monitor service quality, (ii) protect the brand and reputation of KPMG, (iii) comply with laws, (iv) regulations and professional standards, and (v) minimize the risk of financial claims against KPMG UK.
KPMG Overview
KPMG is part of a global network of firms that offers Audit, Tax & Pensions, Consulting, Deal Advisory and Technology services. Through the talent of over 16,000 colleagues, we bring our creativity and insight to our clients' most critical challenges.
With offices across the UK, we work with everyone from small start-ups and individuals to major multinationals, in virtually every industry imaginable. Our work is often complex, yet our vision is simple: to be the clear choice for our clients, for our people and for the communities we work in.
Job Description
The role holder will be an analyst in the Information Assurance Governance, Risk & Compliance team, supporting the governance, risk & reporting aspects of Information Assurance. The role holder will support the Information Risk Management framework, including providing the status of information risk and compliance across the firm.
KEY RESPONSIBILITIES
Risk management
- Support the day-to-day management of the firm's Information Risk Management framework, including the on-going support of related processes, artefacts and tooling.
- Support the proactive and timely management of non-compliance and associated information risks in the Information Risk Register
- Help to foster an environment that drives appropriate information risk control behaviour, including early anticipation, identification and mitigation of information risk, escalating issues as necessary
- Support the firm's mission to build client trust and confidence with regard to information security
- Stay abreast of industry best practice in relation to information security governance, risk & compliance
Governance
- Help to maintain the core documents relevant to the firm's Information Security Management System.
- Proactively support the secretariat aspects of the Information Assurance governance bodies.
Reporting
- Help to provide meaningful and actionable management information, including Key Risk Indicators and Key Performance Indicators, for policies owned by the Head of Information Assurance.
Policy
- Responsible for the day-to-day management of the Governance, Risk & Compliance "front door" mailbox including responding to queries about the Information Assurance policies and maintaining standard responses.
- Help to promote good information security practice and standards across the firm
Awareness and collaboration
- Establish strong relationships with first line of defence stakeholders, as relevant to role
- Establish strong relationships with other relevant stakeholders
- Build on and preserve the firm's reputation with clients, with regard to information security
KNOWLEDGE, EXPERIENCE AND SKILLS
Technical knowledge and qualifications
- A minimum of 2 years' practical experience of information security in a governance, risk & compliance capacity
- Basic working knowledge of information security standards (e.g. Cyber Essentials, ISF Standard of Good Practice for Information Security, ISO 27001, NIST Cybersecurity Framework, CIS Top 20 Controls)
- Subject matter knowledge of information risk management
- Basic understanding of privacy requirements (including GDPR)
- Ability to communicate clearly and simply, both verbally and in writing
- Good Excel skills
- Information security or information risk certification desirable (or willingness to achieve this)
Leadership skills
- Ability to prioritize and manage a complex workload, including multiple tasks for themselves
Analytical skills
- Proven ability to identify trends and patterns from information security risk data and metrics
- Problem solving skills
Personal qualities
- A self-starter, with a proven need for excellence
- A good team player
- Good inter-personal skills and ability to communicate effectively with stakeholders at all levels
- Multi-cultural awareness and sensitivity
- Strong integrity, independence and resilience
- Excellent attention to detail
Our Deal
Flexible Working
Our employees have many varied work schedules to suit their individual needs!
Our intelligent working options range from role sharing and flexible start and finish times, to home working and more informal arrangements agreed within teams.
Check out examples of KPMG employees enjoying different working patterns on our website and please do share your own individual requirements with us.
Applying with a Disability
As a member of the Business Disability Forum we're committed to ensuring a great experience for colleagues with a disability. Should you be successful after the initial application stage, please discuss any adjustments that you may require with your recruitment contact.
KPMG's commitment to diversity
We are proud of the value we place on individuality. We want you to bring your full self to work and maximise your potential. KPMG is a place where everyone can thrive, whatever their gender, ethnicity, disability, sexual orientation and socio-economic background.
Policy for Agencies
KPMG has a commitment to sourcing candidates directly and as such we do not accept speculative CVs from agencies. Please check here to see our policy on agencies: Policy
Job Segment: Risk Management, Information Security, Claims, Consulting, Finance, Security, Technology, Insurance