Information Risk Assessment Assistant Manager

Information Risk Assessment Assistant Manager London, England

KPMG-UnitedKingdom
Full Time London, England 58800 - 90000 GBP ANNUAL Today
Job description

The role holder will be an Assistant Manager (Grade D) in the Information Risk Assessment team, conducting Information Risk assessments that support how the firm identifies and analyses information security threats and risks to KPMG and client information in projects, initiatives, new systems, applications and IT resources, and advising on the controls necessary within agreed limits. The role holder will also support the team's day-to-day service, ensuring risks are identified and entered into the Information Risk Assessment tool.

Key Activities include


  • Conducting multiple Information Security Risk assessments of technologies and suppliers for internal projects and initiatives.
  • Carrying Information Risk Assessments through to completion in line with KPMG UK's Risk Assessment methodology, which may include raising risks.
  • Ensuring appropriate information security contractual clauses are used in any formal agreement with suppliers.
  • Collaborating, liaising, conversing and working with internal project/initiative stakeholders and security testing teams to recognise appropriate risks with identified security findings.
  • Working within agreed timescales and keeping Information Risk Assessments on track within agreed SLAs with business stakeholders.


Key Stakeholders


  • Business and functional managers across the firm, including Project Managers, Project teams, BISOs (Business Information Security Officers), Procurement, and Supplier Managers (and 3rd parties).
  • Technology, Information Assurance, Security Operations and Data Privacy teams.
  • Senior Managers, Directors, and Partners from across the UK firm, KPMG Global, and other KPMG member firms who act as Information/Application/Product Owners.


Key Responsibilities

Technical Information Risk Assessment

Within the Risk Assessment team:
  • Be responsible for performing Information Security Risk Assessments upon projects, suppliers and hybrid projects (technology projects with a supplier), KPMG managed technology solutions, managing demand and prioritising assessment appropriately.
  • Provide guidance towards completing risk assessments.
  • Provide consulting advice to CTOs, Technology Engineering and Operations, business service owners and 3rd parties on how best to implement the firm's information security policies.
  • Support the firm's mission to build client trust and confidence with regard to information security generally and information risk assessment specifically.
  • Stay abreast of industry best practice in relation to information risk assessments.
  • Support the delivery of a high-quality and timely information risk assessment service to the firm.
  • Promote good information security practices and standards across the firm.


Information Risk Management


  • Proactively foster an environment that drives appropriate information risk control behaviour, including early anticipation, identification and mitigation of information risk, as well as escalation of issues in line with the Information Risk Management Framework.
  • Support the ongoing development and maintenance of the firm's Information Risk Management Framework, including its supporting methodologies, processes and artefacts.


Co-ordination


  • Ensure understanding of the Information Risk Assessment process and manage the process for specific assessments.
  • Support the Information Risk Assessments team with other ad-hoc work as required.


Awareness and collaboration


  • Establish strong relationships with business, functional teams and other relevant stakeholders.
  • Build on and preserve the firm's reputation with third-party suppliers around information security.


Benefits expected


  • Aspire to KPMG Values: Integrity, Excellence, Courage, Together and For Better.
  • Expand information security knowledge and experience by using all learning resources available within KPMG.
  • Develop and grow as an individual by leveraging personal strengths, working through areas of development and being comfortable receiving and giving constructive and objective feedback.


Knowledge, Experience and Skills

Technical knowledge and qualifications


  • A minimum of 3 years' experience of technical information security risk assessments required.
  • Good working knowledge of industry best practice around information security controls covering: cloud security, network security, application security, encryption, information security testing, vulnerability management, access governance, and SaaS assurance.
  • Familiarity with information security standards (e.g. Cyber Essentials, ISO 27001, NIST Cybersecurity Framework, CIS Top 20 Controls).
  • Understanding of personal data and privacy.
  • Security certifications desirable.


Personal qualities and leadership skills


  • Excellent English-language communication skills essential - both spoken and written.
  • Diligent and focused, with the ability to prioritise multiple tasks and manage multiple risk assessments concurrently by themselves.
  • Ability to deal with a broad range of stakeholders at all levels, both internal and external, in a confident and assured manner. Happy to engage, manage, chase and communicate with stakeholders.
  • Good team player who is enthusiastic about engaging with the wider Information Risk Assessment team, and with the ability to act independently and exercise sound judgment.
  • Assertive, by being able to articulate technical concerns with stakeholders.


Analytical skills


  • Strong analytical and problem-solving skills, with excellent attention to detail.
  • Proven ability to identify and articulate information security requirements, risks and issues, and formulate clear decisions and recommendations.
  • Ability to understand business drivers and risk appetite, in order to make informed risk assessment decisions.


Other requirements


  • Covering at least 75% of UK working hours.
  • Willing and able to obtain BPSS clearance for the UK.
