
Information System Security Officer (ISSO)

Date: Apr 28, 2021

Location: London, United Kingdom

Company: KPMG UK

KPMGI Group Context and Background
ITS Global (Information Technology Services Global) is one of four pillars within KPMG’s Global Technology & Knowledge group. As such, ITS Global provides innovative components that KPMG’s business functions and member firms use to deliver client-facing solutions.

ITS Global also provides the information protection and technology infrastructure that secures KPMG’s technology environment and connects its network of member firms. ITS Global works with the other GT&K pillars to provide KPMG technology solutions that leverage world-leading partnerships, disruptive digital capabilities and access to the firm’s collective intelligence.

Role Summary
The Information System Security Officer (ISSO), Manager, leads the security activities associated with defining, creating and maintaining documentation for assessing, describing and attesting to the security worthiness of KPMG platforms. The ISSO serves as the focal-point for KPMG platform security project coordination and security design evaluation of system modifications and technology advances.

Key Accountabilities:
- 20% Proactive responsibility for ensuring inclusion of security standards and alignment with technical and reference architectures
- 15% Support new and ongoing assessment through the IPG Solution Review process
- 10% Acting as a point of contact for consultation and assessment of inquiries from project teams
- 20% Working with project teams to translate business requirements into secure solutions, reference architectures and designs.
- 5% People Management
- 10% Represent IPG and provide input of security standards as part of working group participation
- 10% Lead and Support Security Architecture team
- 10% Communicate with IPG Leadership on escalations on issues and risks effectively

“Everyone a Leader” Competencies
- Champion inclusion: Creates an environment in which all people feel like they belong
- Drive quality: Delivers high-quality products and exceptional service that provide value and exceed client expectations
- Advance an ethical environment: Takes personal responsibility for the ethical environment of the firm and encourages others to do the same
- Apply a strategic perspective: Uses diverse sets of inputs to develop a broad perspective on business and people issues
- Make sound decisions: Exercises sound ethical and business judgment when making decisions
- Foster innovation: Embraces a culture of innovation and experimentation to create value
- Demonstrate self-awareness: Focuses on self-development and continuous learning, using insight to build capability and confidence
- Build collaborative relationships: Connects with individuals, teams and organizations to build lasting, collaborative relationships that enable global, firm-wide growth
- Develop and motivate others: Engages teams, instills confidence, and coaches people to find meaning in their work and achieve exceptional results

Technical Skills & Qualifications
‒ Experience in supporting information security operations, specifically monitoring, troubleshooting, maintaining mission critical networks and information systems, and conducting vulnerability assessments using various tools.
‒ Experience in cloud security architecture design, documentation, and better practices; understands enterprise architecture frameworks and can independently author and assess technical architectures for compliance with security standards and better practices.
‒ A holistic understanding of attack vectors, current threats, and remediation strategies. Experience with computer forensics practices and procedures, basic investigations, and evidence handling is preferred.
‒ Professional certifications in information technology and cloud security: CISSP preferred (must obtain within 90 days), CCSP (optional), CISA (optional), CEH (optional), OSCP (optional); Azure Solutions Architect Certification (preferred but not required with demonstrated professional work experience).
‒ Customer and business focus and adeptness in interacting with customers to provide process and technical information in response to inquiries, concerns, and requests about processes, products and services.

Description of level of Qualifications
‒ Bachelor's degree in Computer Science(s), Information Technology/Security, Systems Engineering or similar area; Master’s degree preferred
‒ Demonstrated ability to lead and collaborate with a globally dispersed, multi-cultural and multi-discipline team; seek personal and technical feedback to further improve deliverables, improve service and develop teams.
‒ Strong written and oral communication skills for effective communication at all organizational levels; attention to detail and pride in well-presented and accurate work.
‒ Able to provide support outside of standard working hours and support international teams.

Experience & Knowledge
‒ Relevant IT and IT security experience, with a growing focus in Microsoft O365 and Azure
‒ Background working on large-scale international projects and the ability to manage multiple processes and projects at once while building constructive working relationships across the different teams, functions, cultures, genders and demonstrating KPMG behaviors and values.
‒ Ability to plan large projects and prepare executive-level reporting, including financial analysis; capable of strategic thinking and of moving strategic plans into action; familiar with information system security architectural documentation standards; able to apply IT security standards, directives, guidance and policies to architectural and risk-based frameworks.

