Information Security Assistant Manager - Policy & Compliance
- Employer
- KPMG
- Location
- Cambridge, United Kingdom
- Salary
- Competitive
- Closing date
- 17 Apr 2019
View more
- Recruiter Type
- Direct Employer
- Sector
- Consultancy
- Job Role
- Risk Analyst
- Job Type
- Permanent
You need to sign in or create an account to save a job.
AutoReq ID
143047BR
Job Title
Information Security Assistant Manager - Policy & Compliance
Country
United Kingdom
Location
Cambridge
Function
KPMG Business Services
Service Line
QRM
Service Line Information
Quality and Risk Management are the responsibility of each partner and employee. This responsibility includes the need to understand and adhere to member firm policies and associated procedures in carrying out their day-to-day activities. UK Quality & Risk Management teams help to set, implement and enforce policies and procedures designed to help to enable KPMG UK and its personnel to achieve the following key objectives: (i) oversee and monitor service quality, (ii) protect the brand and reputation of KPMG, (iii) comply with laws, (iv) regulations and professional standards, and (v) minimize the risk of financial claims against KPMG UK.
KPMG Overview
KPMG is part of a global network of firms that offers Audit, Tax & Pensions, Consulting, Deal Advisory and Technology services. Through the talent of over 16,000 colleagues, we bring our creativity and insight to our clients' most critical challenges.
With offices across the UK, we work with everyone from small start-ups and individuals to major multinationals, in virtually every industry imaginable. Our work is often complex, yet our vision is simple: to be the clear choice for our clients, for our people and for the communities we work in.
Job Description
Opening Dates for Applications: 18/03/2019
Closing Date for Applications: 16/04/2019
Salary: Competitive plus negotiable benefits
This position has multiple vacancies
The main duties and responsibilities of the role:
- Support the management of the second line of defence assurance and compliance programme and deliver this across the firm
- Delivery of first line of defence activity including the scope and delivery of information security control testing
- Support the delivery of internal and external security audits
- Manage the relationship with the firm's external certification bodies and maintenance of the ISO 27001 and Cyber Essentials certifications
- Maintain and enhance the methodology and artefacts for information risk assessment (including supply chain security assurance) and conduct oversight over this activity
- Support the development, maintenance and communication of the UK firm's information security policies
- Promote good information security practice and standards across the firm
- Risk management
- Support proactive and timely identification, evaluation and recording of non-compliance and information security risks
- Foster an environment that drives appropriate information risk control behaviour, including early anticipation, identification and mitigation of information risk, escalating issues in line with the Information Risk & Control Framework.
The skills, qualifications and experience required for the job:
- Proven experience of supporting Information Security Management in a large scale organisation with a complex structure
- Proven experience of planning and delivering Information Security assurance on critical IT systems
- Proven experience of undertaking Information Security Gap Analysis and remediation to ensure compliance with recognised Security frameworks
- Proven experience of undertaking Information Security audits
- Proven experience of conducting business impact analysis and developing policies for business continuity, crisis management and disaster recovery
- Recognised Information Security and Business Continuity qualifications
Our Deal
Flexible Working
Our employees have many varied work schedules to suit their individual needs!
Our intelligent working options range from role sharing and flexible start and finish times, to home working and more informal arrangements agreed within teams.
Check out examples of KPMG employees enjoying different working patterns on our website and please do share your own individual requirements with us.
Applying with a Disability
As a member of the Business Disability Forum we're committed to ensuring a great experience for colleagues with a disability. Should you be successful after the initial application stage, please discuss any adjustments that you may require with your recruitment contact.
KPMG's commitment to diversity
We are proud of the value we place on individuality. We want you to bring your full self to work and maximise your potential. KPMG is a place where everyone can thrive, whatever their gender, ethnicity, disability, sexual orientation and socio-economic background.
Policy for Agencies
KPMG has a commitment to sourcing candidates directly and as such we do not accept speculative CV's from agencies. Please check here to see our policy on agencies: Policy
Job Segment: Assistant Manager, Information Security, Information Technology, IT Manager, Compliance, Management, Technology, Legal
143047BR
Job Title
Information Security Assistant Manager - Policy & Compliance
Country
United Kingdom
Location
Cambridge
Function
KPMG Business Services
Service Line
QRM
Service Line Information
Quality and Risk Management are the responsibility of each partner and employee. This responsibility includes the need to understand and adhere to member firm policies and associated procedures in carrying out their day-to-day activities. UK Quality & Risk Management teams help to set, implement and enforce policies and procedures designed to help to enable KPMG UK and its personnel to achieve the following key objectives: (i) oversee and monitor service quality, (ii) protect the brand and reputation of KPMG, (iii) comply with laws, (iv) regulations and professional standards, and (v) minimize the risk of financial claims against KPMG UK.
KPMG Overview
KPMG is part of a global network of firms that offers Audit, Tax & Pensions, Consulting, Deal Advisory and Technology services. Through the talent of over 16,000 colleagues, we bring our creativity and insight to our clients' most critical challenges.
With offices across the UK, we work with everyone from small start-ups and individuals to major multinationals, in virtually every industry imaginable. Our work is often complex, yet our vision is simple: to be the clear choice for our clients, for our people and for the communities we work in.
Job Description
Opening Dates for Applications: 18/03/2019
Closing Date for Applications: 16/04/2019
Salary: Competitive plus negotiable benefits
This position has multiple vacancies
The main duties and responsibilities of the role:
- Support the management of the second line of defence assurance and compliance programme and deliver this across the firm
- Delivery of first line of defence activity including the scope and delivery of information security control testing
- Support the delivery of internal and external security audits
- Manage the relationship with the firm's external certification bodies and maintenance of the ISO 27001 and Cyber Essentials certifications
- Maintain and enhance the methodology and artefacts for information risk assessment (including supply chain security assurance) and conduct oversight over this activity
- Support the development, maintenance and communication of the UK firm's information security policies
- Promote good information security practice and standards across the firm
- Risk management
- Support proactive and timely identification, evaluation and recording of non-compliance and information security risks
- Foster an environment that drives appropriate information risk control behaviour, including early anticipation, identification and mitigation of information risk, escalating issues in line with the Information Risk & Control Framework.
The skills, qualifications and experience required for the job:
- Proven experience of supporting Information Security Management in a large scale organisation with a complex structure
- Proven experience of planning and delivering Information Security assurance on critical IT systems
- Proven experience of undertaking Information Security Gap Analysis and remediation to ensure compliance with recognised Security frameworks
- Proven experience of undertaking Information Security audits
- Proven experience of conducting business impact analysis and developing policies for business continuity, crisis management and disaster recovery
- Recognised Information Security and Business Continuity qualifications
Our Deal
Flexible Working
Our employees have many varied work schedules to suit their individual needs!
Our intelligent working options range from role sharing and flexible start and finish times, to home working and more informal arrangements agreed within teams.
Check out examples of KPMG employees enjoying different working patterns on our website and please do share your own individual requirements with us.
Applying with a Disability
As a member of the Business Disability Forum we're committed to ensuring a great experience for colleagues with a disability. Should you be successful after the initial application stage, please discuss any adjustments that you may require with your recruitment contact.
KPMG's commitment to diversity
We are proud of the value we place on individuality. We want you to bring your full self to work and maximise your potential. KPMG is a place where everyone can thrive, whatever their gender, ethnicity, disability, sexual orientation and socio-economic background.
Policy for Agencies
KPMG has a commitment to sourcing candidates directly and as such we do not accept speculative CV's from agencies. Please check here to see our policy on agencies: Policy
Job Segment: Assistant Manager, Information Security, Information Technology, IT Manager, Compliance, Management, Technology, Legal
You need to sign in or create an account to save a job.
Get job alerts
Create a job alert and receive personalised job recommendations straight to your inbox.
Create alert