Share this Job

Cyber Security - Internal Audit, Senior Manager

Date: Nov 29, 2018

Location: London, United Kingdom

Company: KPMG UK

AutoReq ID139809BR
Job TitleCyber Security - Internal Audit, Senior Manager
CountryUnited Kingdom
LocationLondon
FunctionRisk Consulting
Service LineRC Technology
Service Line InformationUsing a wide variety of technical and sector-specific skills, KPMG's Risk Consulting group proactively helps clients increase profits whilst reducing reputational, operational, financial and other risks. We are experienced in managing diverse issues including fraud, regulatory compliance, risk frameworks and modelling, capital efficiency, corporate governance, dispute resolution, deriving value from contracts and much more.

Technology - Our clients need to deal effectively with technology related risks and derive maximum value from data and documentation. Our specialists provide independent, jargon free advice and advanced technology capabilities to help our clients proactively manage their technology risks and use their data to its full potential.

KPMG OverviewKPMG is part of a global network of firms that offers Audit, Tax & Pensions, Consulting, Deal Advisory and Technology services. Through the talent of over 16,000 colleagues, we bring our creativity and insight to our clients’ most critical challenges.

With offices across the UK, we work with everyone from small start-ups and individuals to major multinationals, in virtually every industry imaginable. Our work is often complex, yet our vision is simple: to be the clear choice for our clients, for our people and for the communities we work in.

Job Description
KPMG has been acknowledged by Forrester as a leader in the provision of cyber security consultancy. We are investing to building out our corporates cyber consulting team to meet a growing demand and provide a comprehensive range of services to many of the largest corporate companies in the world.
We help our clients to protect, detect and respond to high end cyber threats; helping them understand the cyber threat landscape, make sensible decisions on investment priorities, and build out the specialist capabilities they need to counter cyber attacks and other threats.
We believe that cyber security is about helping our clients to harness business opportunities safely and securely. For us, cyber security isn’t just a technical issue, it is one which engages the whole business and focusses on a holistic approach to understanding and mitigating the risk.
Our team works closely with KPMG’s broader advisory practice to link cyber security to financial crime, risk management, operational resilience and IT transformation.

The Role
You will be a senior manager within the Cyber team specifically leading on cyber security and privacy Internal Audit and assurance projects. You will help to grow our business and also ensure our teams are able to deliver high quality advice and assurance to clients. You should expect to be involved in a wide range of challenging engagements, ranging from delivery of cyber and privacy audits as part of major internal co-source contracts, individual internal audit reviews, leading SME support to Internal Audit teams and leading third party security assurance projects. You will also support projects such as the optimisation of client security controls and cyber security programmes through to providing specialist support on issues such as cyber strategy, risks, assurance and governance.
Our clients are under regulatory scrutiny, but are also continually battling to match a rapidly changing cyber crime landscape threat while harnessing the opportunities offered by digital services.
As a senior manager in our team, we expect you to understand the world of corporate clients, and to be able to translate complex cyber security issues into straightforward, credible, jargon free advice to our clients; while making sure we can deliver the support they require.
If you are able to help our clients seize the opportunity offered by the digital world, and do so in a secure way, then you are the type of person we are looking for.

Responsibilities:
Management and delivery of challenging, complex client engagements to ensure delivery, quality and value to our clients by:
- Understanding their business challenges and the threats they face
- Helping them navigate the increasingly complex cyber security and privacy regulatory environment
- Planning, delivery and reporting of audit and assurance engagements over highest risk areas
- Advising on cyber security and privacy recommendations to mitigate cyber and privacy risk
- Linking cyber security to other consultancy offerings on risk management, resilience and IT transformation to provide holistic support to our clients
- Managing and delivering large, complex engagements
- Being a trusted engagement manager and a role model for quality and risk management practices
- Understanding of KPMG’s broader offerings to enable identification of business opportunities
- Leading sales and business development activities
- Developing constructive client relationships, both inside and outside of KPMG
- Coaching and developing team members through sharing of experience and knowledge, as well as managing the performance and development of other team members
- Building out and maintaining a professional network
- Upholding KPMG’s values by acting with integrity

The Person
- Track record within the FS or Corporate community showing an understanding of the cyber security business, threat and regulatory issues faced by clients (essential)
- Proven experience of understanding and managing aspects of cyber risk, including the assessment, analysis and reporting of cyber risk in a business context (essential)
- Proven experience of: security audit and assurance, certifications, third party assurance and cloud security (essential)
- Proven privacy experience especially in relation to GDPR, information management and the link between privacy and security (essential)
- Proven experience in business analysis and understanding of cyber security principles, standards, processes and technologies across a broad range of markets (essential)
- Experience of managing a large portfolio of third party security assurance reviews for clients including planning, overseeing delivery, reporting and escalation of issues as necessary
- Proven experience of successfully managing complex cyber security services in a commercial environment, ensuring the delivery of high quality work on time and to budget
- Proven ability to lead work at sustained levels of high intensity, and inspire drive and resilience in others
- Proven ability to analyse problems, identify core issues and recommend appropriate solutions
- Proven ability in taking appropriate action after monitoring/reviewing the progress and performance of others

Qualifications and Skills:
- Degree level qualified
- Experience of leading cyber security Internal Audit reviews
- Recognised cyber security qualifications (e.g. CISSP, CISM, ISO27001/2, etc.), or comparable experience
- Recognised privacy experience
- SOX or External Audit experience desirable
- Excellent communication skills (both written and oral), negotiation and project management skills
- Strong networking skills and a broad professional network
- Ability to interact with organisations at a senior levels

Our DealIf the chance to work with interesting clients and innovative technology wasn’t rewarding enough, we’ll motivate you in other ways too. At KPMG you can expect real responsibilities and opportunities to grow professionally.


‘Our Deal’ sets out all the different ways you’ll be rewarded at KPMG. Among other things you can benefit from honest conversations about your career as well as a range of other rewards. In all these ways and more, we have created an environment that can bring out the best in you.

Flexible WorkingWhile some of our client-facing professionals can be required to travel regularly, and at times be based at client sites, we are supportive where possible of helping you to achieve a balance between your home and work demands.

We are happy to discuss individual requirements and our range of flexible working arrangements could be of interest. Furthermore, as part of the recruitment process, we can put you in touch with people who work flexibly so you can understand from them what our culture is like.

Applying with a DisabilityKPMG are proud to be an inclusive, equal opportunity employer and we seek to attract and retain the best people from the widest possible talent pool. As a member of the Business Disability Forum we're committed to ensuring that you are treated fairly throughout our Recruitment Process. Should you be successful after the initial application stage, please discuss any reasonable adjustments that you may require, with your recruitment contact.

KPMG's commitment to diversity

KPMG consistently features in the Sunday Times Best Big Companies to work for, which has been recognised with a special achievement award to mark our 10 years in the Top 25. We are proud of the value we place on individuality; we want you to bring your full self to work and truly maximise your potential. We believe that your individuality helps us to deliver the best results for our clients. Diversity of background, diversity of experience, diversity of perspective - that's the KPMG difference. But, don't take our word for it, find out more about diversity at KPMG.

Returning to work after a break

At KPMG, we appreciate that returning to work after an extended career break can be daunting. We understand that those with experience who have taken a career break have a wealth of experience and knowledge to offer our organisation, which helps us to achieve our business goals. We will support you to refresh your skills, develop your confidence and provide a supportive network across the firm to help you best integrate into the working environment. This role welcomes applications for individuals who have been out of work for 18 months or more and who have previous relevant experience.

Policy for Agencies

KPMG has a commitment to sourcing candidates directly and as such we do not accept speculative CV’s from agencies. Please check here to see our policy on agencies: Policy


Job Segment: Consulting, Audit, Corporate Security, Internal Audit, Security, Technology, Finance