Assitant Manager - TR (Cloud)
Bengaluru, Karnataka, India
KPMG India
KPMG is a global network of professional firms providing Audit, Tax and Advisory services.Job Requirements
KPMG Global Services is currently seeking an Assitant Manager in Technology Risk Management for our Consulting practice.
Responsibilities:
• Experience in working on either two or more of Cybersecurity audits, Cybersecurity risk assessments, Cloud security, IT internal control, Regulatory compliance and IT risk consulting engagements, leveraging IT governance and control frameworks such as COBIT, NIST CSF, CIS Controls, ISO/IEC 27001 and 27002, GDPR (General Data Protection Regulation), CSA STAR ISO/IEC 27017 and ITIL
• Conduct assessments using IT risk and control frameworks; knowledge of sustainable solutions (including applying knowledge of governance, risk, and compliance tools), operating processes and people models to address key and evolving risks, as necessary to Enterprise or cloud environments. • Exposure to design and develop control for more than on of cloud environments (AWS, Azure, GCP), DevOps, API, AI, emerging technology, and digital solutions, strategic, operational, regulatory/compliance, and/or industry related risks. • Assist in planning activities, development of assessments, and execution engagements. • Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management. • Draft comprehensive executive summaries and final reports for delivery to client senior management and document and review engagement workpapers in accordance with standard KPMG and industry-accepted internal audit methodologies • Assist in kick-off, status, and closing meetings with engagement team and client and contribute to IT Audit knowledge base and internal practice development initiatives. • Helping Managers or Directors to manage and upskill the team.
Mandatory Skills
• Education Qualification: BE / B-Tech or Science graduate; Post-Graduates (MBA / MCA / MTech) or equivalent. • Certifications like CEH, CISSP, CRISC, ISO 27001 LA / LI, PMP, relevant cloud certifications of Azure, GCP and/or AWS preferred.
Preferred Skills
- Excellent written and communication skills
- Self-driven
- Team Player
- Ability to work independently and motivate team member
#KGS
#LI-AB4
Job Requirements
KPMG Global Services is currently seeking an Assistant Manager in Technology Risk Management for our Consulting practice.
Responsibilities:
Experience in working on either two or more of Cybersecurity audits, Cybersecurity risk assessments, Cloud security, IT internal control, Regulatory compliance and IT risk consulting engagements, leveraging IT governance and control frameworks such as COBIT, NIST CSF, CIS Controls, ISO/IEC 27001 and 27002, GDPR (General Data Protection Regulation), CSA STAR ISO/IEC 27017 and ITIL
• Conduct assessments using IT risk and control frameworks; knowledge of sustainable solutions (including applying knowledge of governance, risk, and compliance tools), operating processes and people models to address key and evolving risks, as necessary to Enterprise or cloud environments. • Exposure to design and develop control for more than on of cloud environments (AWS, Azure, GCP), DevOps, API, AI, emerging technology, and digital solutions, strategic, operational, regulatory/compliance, and/or industry related risks. • Assist in planning activities, development of assessments, and execution engagements. • Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management. • Draft comprehensive executive summaries and final reports for delivery to client senior management and document and review engagement workpapers in accordance with standard KPMG and industry-accepted internal audit methodologies • Assist in kick-off, status, and closing meetings with engagement team and client and contribute to IT Audit knowledge base and internal practice development initiatives. • Helping Managers or Directors to manage and upskill the team.
Mandatory Skills
• Education Qualification: BE / B-Tech or Science graduate; Post-Graduates (MBA / MCA / MTech) or equivalent. • Certifications like CEH, CISSP, CRISC, ISO 27001 LA / LI, PMP, relevant cloud certifications of Azure, GCP and/or AWS preferred.
Preferred Skills
- Excellent written and communication skills
- Self-driven
- Team Player
- Ability to work independently and motivate team member
#KGS
#LI-AB4
Qualifications:
• The candidate must have 6-8 years of relevant experience, preferably with a Big 4 firm and have worked in a similar role. • Prior experience of executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as ISO 27001, NIST, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs • Experience in testing of IT risk and control specifically for processes and programs • Having experience in more than one of the following areas Cloud security (GCP, Azure and/or AWS), Dev SecOps, API security, emerging technology (AI, Quantum, etc.) and digital solutions, strategic, operational, regulatory/compliance, and industry related risks • Potential focus on more specialized skills around emerging technology and digital solutions, strategic, operational, regulatory/compliance, and industry related risks • Knowledge of end-to-end software development lifecycles (compilation, testing, scanning, deployment etc) using automated pipelines (ideally GitHub actions but others are still good experience – Jenkins, Bamboo etc). • Good knowledge of Code scanning tools and hands on knowledge of DevOps • Experience in Agile, environment would be desirable.* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile APIs Audits AWS Azure CEH CISSP Cloud COBIT Compliance CRISC DevOps GCP GDPR GitHub Governance ISO 27001 ITIL Jenkins NIST Risk assessment Risk management SecOps SOX
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Cybersecurity Engineer jobs
- Open Security Operations Engineer jobs
- Open Cloud Security Architect jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Security Consultant jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information System Security Officer jobs
- Open IT Security Analyst jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open DevSecOps-related jobs