This job has expired

Information Assurance Manager - External

Employer: KPMG
Location: Birmingham, Bristol & Other locations
Salary: Competitive
Closing date: 11 Aug 2022
Sector: Consultancy
Job Role: Risk Analyst
Job Type: Permanent

Job description
The Information Assurance Manager reports to the Assurance & Remediation Lead within Information Assurance.
The Assurance and Remediation team plays a key role in ensuring that KPMG meets regulatory and client requirements by managing our ISO27001 Certification, CE/CE+ Certifications, and Client Assurance Questionnaires & Audits, as well as ensuring that our internal teams and high-risk suppliers are in compliance with KPMG's Information Security controls and ISO27001.

The role requires close co-operation with all KPMG teams and their suppliers (where access is provided to KPMG data), KPMG's clients, regulators and certifying bodies, some of which are located overseas.

The Role

  • Ensure security compliance of KPMG internal teams and suppliers (including managed service suppliers) to ISO27001, CE/CE+, Global Key Controls and KPMG's Information Security Management Policies by conducting audits/assessments and identifying risks and areas for improvement.
  • Log all findings in the Remediations Register, review remediation results and associated evidence, signing off closure when appropriate.
  • Identify and record potential risks found during internal and supplier audits.
  • Ensure certification of KPMG to ISO27001 and CE/CE+.
  • Ensure KPMG alignment to ISO27001, CE+, Global Key Controls and KPMG's Information Security Management Policies by providing support with audits and related preparation exercises.
  • Engage with engagement teams on enquiries regarding Information Protection Plans (IPPs) and liaise with the NITSO (National Information Technology Security Officer) where their approval is required.
  • Provide support for client audit activities, including project management, liaising with areas of the business in scope for the audit to ensure a smooth audit experience.
  • Design and maintain External, Internal and Supplier Assurance reporting to ensure that Information Security and KPMG teams understand their current compliance status. Drive continuous improvement in management information to ensure we are providing meaningful, succinct data to our stakeholders.
  • Provide support to other areas of Assurance and Remediation as required.

Experience and Background

Technical

  • 3 years' experience working in an Information Security role.
  • Minimum 3 years' Lead Auditor experience, including managing and documenting audits.
  • Previous experience with managing the assurance of suppliers and third parties.
  • Good working knowledge of IT and Information Security controls.
  • CISSP, CISM and/or CISA certification desirable.
  • Good working knowledge of information security standards (e.g. Cyber Essentials, ISF Standard of Good Practice for Information Security, ISO 27001, NIST Cybersecurity Framework, CIS Top 20 Controls).
  • ITIL foundation certificate or above desirable.
  • Experience in Data Protection and legal compliance.
  • Ability to determine good practice and identify opportunities for improvement.
  • Risk Management knowledge and experience.
  • Experience of producing documentation including Policies, Standards and Control frameworks.
  • Working knowledge of techniques for planning, monitoring, data analysis and reporting.
  • Experienced in a wide base of technology and toolsets.

Personal

  • Ability to develop and leverage strong relationships with internal and external stakeholders.
  • Self-motivated, working independently, managing own workload.
  • Ethical, with the ability to remain impartial, and report all non-compliances.
  • Organisational skills with attention to detail.
  • Flexible and willing to travel overseas on business.
