Information Security Risk Analyst

Melbourne, Australia

KPMG Australia

KPMG is a global network of professional firms providing Audit, Tax and Advisory services.

Job Description

  • Immerse yourself in our inclusive, diverse and supportive culture
  • Choose the way you want to work by embracing our flexible work arrangement
  • Collaborate with sector and technical experts to grow your knowledge and network

KPMG Australia is part of a global network providing extensive services across a wide range of industries and sectors. Our people collaborate, share their expertise and create innovation as we partner with clients to solve complex challenges, empower change, drive disruption and growth. We look for talented people with the potential to make an extraordinary difference for our clients, our firm and our communities.

KPMG’s Technology & Information Risk Management is your opportunity to be part of a team on the rise! Rapidly growing with many competent individuals with various technical backgrounds, the Security Risk team supports business stakeholders in bringing their ideas to life while helping them to shape the future of the firm, by exploring and embedding new forms of growth.

Your Opportunity

The role of the Information Security Risk Analyst at KPMG contributes to the improvement of the company's information security posture and provides support to various departments within the organisation in several ways:

  • Identifying and Managing Risks: The analyst helps in identifying and managing cyber security and other technology and information risks. This involves performing threat assessments to identify potential risks to the business and determining the preventative controls in place.
  • Enhancing Business Resilience: The analyst contributes to enhancing the organisation's business resilience by designing and implementing effective controls over technology assets. This helps in building the organisation's resilience and strengthening core controls to meet the challenges of technology and information risks.
  • Compliance and Governance: The analyst assists the organisation in meeting its IT compliance and governance obligations in a way that enhances business objectives. This includes developing continuous assurance and monitoring capabilities to optimise the use of resources.

In summary, the role of the Information Security Risk Analyst is crucial in maintaining KPMG's information protection agenda as the business and technology programmes evolve, providing greater visibility and understanding of changing risks.

Key Duties & Responsibilities: 

  • Assess various domains and aspects of information security risk for KPMG Australia and develop recommendations for improvement
  • Assess systems/solution/application architecture documents through a cyber security lens
  • Assist, and at times lead, in providing information security reporting to local IT leadership, regional and global leadership
  • Assess risks and provide subject matter expertise associated with acquisitions, the onboarding of vendor solutions, technology, and services.
  • Recommend and ensure security controls are proportionate to mitigate threats
  • Lead initiatives to improve the security posture of the firm, increase efficiency and/or develop new ways to assess emerging technologies (such as AI, blockchain, quantum computing, and more)

How are you extraordinary?

  • You actively seek out opportunities for growth, are comfortable challenging the status quo, and enjoy getting out of your comfort zone.
  • You are passionate about the importance of fantastic communication to share ideas, inspire, and create change. You are able to digest, distil, and communicate complex concepts in both written and verbal forms.

Your Experience

  • Knowledge of security standards and frameworks, such as ISO27001, NIST 800-53, Cloud Services, Risk Management, Security & Privacy Controls
  • Knowledge of Cloud technologies and architectures (AWS and/or Azure)
  • Knowledge of various application architectures
  • Accreditation in one of the following: CISM, CRISC, CISSP; other relevant certifications, such as AWS or Azure cloud technologies, would be advantageous

Qualifications

Minimum of a bachelor’s degree in an information technology or business-related discipline.

Additional Information

KPMG is a professional services firm with global outreach and deep sector experience. We work with clients across an array of industries to solve complex challenges, steer change and enable growth. 

Our people are what make KPMG the thriving workplace that it is and what sets us apart is that we know great minds think differently. Collaborate with a team of passionate, highly skilled professionals who’ve got your back. You’ll build relationships with unique and diverse colleagues who will provide you with the support you need to be your best and produce meaningful and impactful work in an inclusive, equitable culture.

At KPMG, you’ll take control over how you work. We’re embracing a new way of working in many ways, from offering flexible hours and locations to generous paid parental leave and career breaks. Our people enjoy a variety of exciting perks, including retail discounts, health and wellbeing initiatives, learning and growth opportunities, salary packaging options and more.

Diverse candidates have diverse needs. During your recruitment journey, information will be provided about adjustment requests. If you require additional support before submitting your application, please contact the Talent Support Team.

At KPMG every career is different, and we look forward to seeing how you grow with us.

Tags: AWS Azure Blockchain CISM CISSP Cloud Compliance CRISC Governance ISO 27001 Monitoring NIST NIST 800-53 Privacy Risk management

Perks/benefits: Career development Equity Flex hours Parental leave

Region: Asia/Pacific
Country: Australia