Using a wide variety of technical and sector-specific skills, KPMG's Risk & RDT Consulting group proactively helps transform clients to increase profits whilst reducing reputational, operational, financial and other risks. We are experienced in managing diverse issues including fraud, regulatory compliance, risk frameworks and modelling, capital efficiency, governance, dispute resolution, deriving value from contracts and much more.
Connected Technology - Our clients need to deal effectively with technology related risks and derive maximum value from automation, data and digital technology. Our specialists provide independent, jargon free advice and advanced technology capabilities to help our clients proactively manage their technology risks and use their data to its full potential.
Joining KPMG means joining a talented team of exceptional colleagues who bring innovative thoughts and a natural curiosity to the work they do each day. No one type of person succeeds at KPMG; a diverse business requires diverse personalities, characters and perspectives. There really is a place for you here.
Within Connected Technology Risk, our Powered team perform a large amount of our work implementing ServiceNow IRM / GRC, Vendor Risk, SecOps and Resilience solutions and providing advice to clients on their GRC journey. The Team
Our GRC projects include delivery of business cases, roadmaps, system remediation work, process re-design, implementing IRM solutions, data analysis, security solutions, compliance management and continuous controls monitoring. This work is delivered through stand-alone assignments, or as part of broader transformation programmes.
This role requires ServiceNow GRC process, functional and technical knowledge with good grasp of business processes, delivering projects and assurance services. Exposure to use of GRC tools and technology both from functional and technical perspective is essential. The successful candidate will be involved in client facing and client relationship building across a range of corporate and FS clients.The Role
- Lead multiple client ServiceNow IRM / GRC engagements.
- Responsibility for the overall output from ServiceNow IRM / GRC client engagements. This includes providing services to implement GRC and transform client's operation covering core areas namely risk management, regulatory management, cyber / secops, resilience, continuity, controls monitoring and access control.
- Understand GRC related client issues across different sectors e.g. Banking, Insurance, Asset Management.
- A deep understanding of the ServiceNow IRM / GRC technology platform, both functionally and technically
- Work as part of an onshore and offshore team to deliver client engagements, taking ownership for one or more workstreams
- Knowledge of other GRC platforms and their strengths and weaknesses e.g. ServiceNow, Bwise, Metricstream, Archer, Thomson Reuters.
- Scoping, financial management, managing delivery risk, production and review of deliverables.
- Building and managing excellent client relationships across a range of clients.
- Developing internal networks and maintaining excellent relationships with colleagues across KPMG.
- Contributing to innovation and practice management, e.g. new services, training, knowledge management.
- Coaching and developing team members both as part of our overall Performance Management process or on specific engagements.
- Ability to identify and assess complex GRC programmes, to relate them to the wider business environment and to express opinions clearly to all levels.
A combination of the following:
- Proven experience of successfully architecting, integrating, managing and delivering ServiceNow GRC services (including implementations, creating business cases and roadmaps, assurance reviews and maturity assessments) to medium/large, multi-national clients.
- Strong knowledge of IT risk and controls
- Experience in implementing GRC solutions for risk, controls, compliance, third party risk, cyber and security areas
- Understand the waterfall and agile methodologies for implementing ServiceNow IRM and the deliverables required at each stage
- Experience in certain key sectors e.g. Banking, Insurance and Asset Management
- Ability to align client and sector specific issues to our GRC services.
- Delivered or involved in a number of enterprise risk management engagements which have included a technology workstream and implementation.
- Experience in transformation and business change programmes.
- • Advising clients that operate GRC solutions on business benefits, solution fit and typical challenges.
- Experience of key GRC solutions (for example ServiceNow, Bwise, Metricstream, Archer, Thomson Reuters).
- Process expertise in GRC areas e.g. IT risk management, compliance & regulation, controls automation, continuous controls monitoring and security.
- Experience of using GRC related data analysis tools.
- Familiarity with regulatory compliance models and standards.
- Great relationship/stakeholder management skills at all levels.
- Proven communication and presentation skills.
- Proven experience of successfully delivering technology risk services.
- "Big 4" professional services or dynamic IT consultancy environment experience.
- Certified Implementation Specialist - Risk & Compliance
- Certified Implementation Specialist - Vendor Risk (Desirable)
- Prince II or PMI qualified (Desirable)
- Degree/masters qualification in IT (Desirable)
- Demonstrated commercial experience in
- GRC Solution Certifications (Desirable)
- IT Assurance Qualifications CISA (Desirable)