Senior - TR (Cloud)

Job Requirements

KPMG Global Services is currently seeking an Senior in Technology Risk Management for our Consulting practice.

Responsibilities:

•   Experience in working on either one or more of Cybersecurity audits, Cybersecurity risk assessments, Cloud security, IT internal control, Regulatory compliance and IT risk consulting engagements, leveraging IT governance and control frameworks such as COBIT, NIST CSF, CIS Controls, ISO/IEC 27001 and 27002, GDPR (General Data Protection Regulation), CSA STAR ISO/IEC 27017 and ITIL •   Conduct assessments using IT risk and control frameworks; knowledge of sustainable solutions (including applying knowledge of governance, risk, and compliance tools), operating processes and people models to address key and evolving risks, as necessary to Enterprise or cloud environments. •   Exposure to design and develop control for either cloud environments (AWS, Azure, GCP), DevOps, API, emerging technology, and digital solutions, strategic, operational, regulatory/compliance, and/or industry related risks. •   Assist in planning activities, development of IT Risk and IT control assessments in the following areas:  IT strategy and governance, IT operations, network and infrastructure security, cloud and third-party risk, programs and projects, automation, GITCs and application controls, and regulatory/compliance requirements. •   Draft comprehensive executive summaries and final reports for delivery to client senior management and document and review engagement workpapers in accordance with standard KPMG and industry-accepted internal audit methodologies •   Assist in kick-off, status, and closing meetings with engagement team and client and contribute to IT Audit knowledge base and internal practice development initiatives. •   Helping AM and Managers to manage and upskill the team.

 

Mandatory Skills

•   Education Qualification: BE / B-Tech or Science graduate; Post-Graduates (MBA / MCA / MTech) or equivalent. •   Certifications like CEH, CISSP, CRISC, ISO 27001 LA / LI, PMP, relevant cloud certifications of Azure, GCP and/or AWS preferred.

 

Preferred Skills 

• Excellent written and communication skills
• Self-driven
• Team Player
• Ability to work independently and motivate team member

 

 

 

 

 

#KGS 

#LI-AB4

Job Requirements

KPMG Global Services is currently seeking an Senior in Technology Risk Management for our Consulting practice.

Responsibilities:

•   Experience in working on either one or more of Cybersecurity audits, Cybersecurity risk assessments, Cloud security, IT internal control, Regulatory compliance and IT risk consulting engagements, leveraging IT governance and control frameworks such as COBIT, NIST CSF, CIS Controls, ISO/IEC 27001 and 27002, GDPR (General Data Protection Regulation), CSA STAR ISO/IEC 27017 and ITIL •   Conduct assessments using IT risk and control frameworks; knowledge of sustainable solutions (including applying knowledge of governance, risk, and compliance tools), operating processes and people models to address key and evolving risks, as necessary to Enterprise or cloud environments. •   Exposure to design and develop control for either cloud environments (AWS, Azure, GCP), DevOps, API, emerging technology, and digital solutions, strategic, operational, regulatory/compliance, and/or industry related risks. •   Assist in planning activities, development of IT Risk and IT control assessments in the following areas:  IT strategy and governance, IT operations, network and infrastructure security, cloud and third-party risk, programs and projects, automation, GITCs and application controls, and regulatory/compliance requirements. •   Draft comprehensive executive summaries and final reports for delivery to client senior management and document and review engagement workpapers in accordance with standard KPMG and industry-accepted internal audit methodologies •   Assist in kick-off, status, and closing meetings with engagement team and client and contribute to IT Audit knowledge base and internal practice development initiatives. •   Helping AM and Managers to manage and upskill the team.

 

Mandatory Skills

•   Education Qualification: BE / B-Tech or Science graduate; Post-Graduates (MBA / MCA / MTech) or equivalent. •   Certifications like CEH, CISSP, CRISC, ISO 27001 LA / LI, PMP, relevant cloud certifications of Azure, GCP and/or AWS preferred.

 

Preferred Skills 

• Excellent written and communication skills
• Self-driven
• Team Player
• Ability to work independently and motivate team member

 

 

#KGS 

#LI-AB4

Qualifications:

•   The candidate must have 4-6 years of relevant experience, preferably with a Big 4 firm and have worked in a similar role.

•   Prior experience of executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs •   Experience in testing of IT risk and IT internal control processes and programs •   Having experience in one or more following areas Cloud security (GCP, Azure and/or AWS), Dev SecOps, API security, emerging technology (AI, Quantum, etc.) and digital solutions, strategic, operational, regulatory/compliance, and industry related risks •   Potential focus on more specialized skills around emerging technology and digital solutions, strategic, operational, regulatory/compliance, and industry related risks •    Knowledge of end-to-end software development lifecycles (compilation, testing, scanning, deployment etc) using automated pipelines (ideally GitHub actions but others are still good experience – Jenkins, Bamboo etc) is preferable. •   Good knowledge of Code scanning tools and hands on knowledge of DevOps •   Experience in Agile, environment would be desirable.