Head of Strategy and Portfolio

Date: Sep 7, 2021

Location: London, United Kingdom

Company: KPMG UK

The Head of Strategy & Portfolio leads a small team to manage investment in InfoSec to uplift overall information security, to ensure innovation is built into new and existing services, and to determine and manage demand across the UK Firm.

This team needs to work in close cooperation with other parts of the organisation (e.g. innovation, GSOC, and business and technology leaders), and is the key pivot point to ensure the strategic direction is being followed, whilst being open to changes in the business requirements and the evolution of technological innovation. The team will be made up of 3 permanent team members, including this role.


• The role involves being accountable for determining and enabling investment into InfoSec to meet the demands of the Firm, in line with the InfoSec strategy.
• Ensure the strategy is articulated comprehensively and aligned overall
• Assess and review new and market leading product offerings and effectively cost, pilot and deploy into KPMG UK to keep our firm & our clients’ data safe
• Determine and manage demand across the business, develop and maintain the security projects roadmap

The Strategy and Portfolio Lead will:

• Oversee the strategy for Information Security and ensure the services delivered by the InfoSec team are aligned and contribute to that.
• Accountable for the overall portfolio and governance for all inflight transformation projects across Information Security
• Accountable for portfolio performance and reporting against the Information Security Roadmap and associated business case using the firm wide PPM tools.
• Elicit demand, determining feasibility and agreeing an overall roadmap for Information Security with business sponsors and CISO
• Establish and own the demand process and the prioritisation and discovery/feasibility process within it
• Working with the Business Sponsors, drive successful delivery of the change into the business
• Ensure there is alignment with existing technology, architectural and transformation forums
• Support Business Sponsors in producing, refining and gaining an investment decision against a business case
• Work with Security Operations to ensure that there is alignment, synergies and overall compatibility on what is on the transformation roadmap and what is currently live in the current landscape
• Work collaboratively with aligned groups across technology to balance demand and resources to enable prioritisation of investment and provide a consistent and reliable service & approach;
• Set up and run fora to manage prioritisation and investment within InfoSec and communication out to the Firm
• Manage the InfoSec investment budget and the interfaces with the KPMG governing bodies and associated processes
• Actively build and manage relationships with key stakeholders and ensure customer satisfaction, by understanding the business context and priorities, monitoring quality and impact, and reviewing and evolving the approach as necessary;
• Create relevant demand processes, criteria to develop a demand pipeline and assessment process with relevant governance
• Establish an Information Security Technology Product Roadmap review
• Manage Discovery/POC pilots
• Lead and manage a team of high performing professionals in delivering the service;
• Provide opportunities and training to develop the skills needed to meet the future needs of the service;
• Be accountable for ensuring collateral is easily accessible, relevant, available and up to date across several channels
• Provide internal support to the Information Security team and support them in developing business cases related to their project areas

Prior experience
You must have:

• Excellent and relevant experience in a similar leadership role;
• Track record in managing complex technology portfolios and roadmaps
• Demonstrated ability to engage with senior business stakeholders and manage competing demands
• Experience in setting up new governance procedures and communicating difficult outcomes
• Be able to demonstrate the ability to adapt communication style to explain technical concepts to different people within an organisation whether advising stakeholders, directing teams or sharing experience;
• Experience in translating security requirements into impacts for senior stakeholders
• Experience in developing active communities that share knowledge and experience around a domain
• Experience in creating Business cases
• Experience in managing third party providers

Job Segment: Information Security, Strategy, Technology