Share this Job

Policy Manager - Global Information Protection Group

Date: Mar 31, 2021

Location: London, United Kingdom

Company: KPMG UK

The Team

ITS Global (Information Technology Services Global) is one of four pillars within KPMG’s Global Technology & Knowledge group. As such, ITS Global provides innovative components that KPMG’s business functions and member firms use to deliver client-facing solutions. ITS Global also provides the information protection and technology infrastructure that secures KPMG’s technology environment and connects its network of member firms. ITS Global works with the other GT&K pillars to provide KPMG technology solutions that leverage world-leading partnerships, disruptive digital capabilities and access to the firm’s collective intelligence.

The Role

The Global Security Advisory Service (GSAS) team provides information protection support and advice to the network of KPMG Member Firms, focusing on the NITSO and Privacy Liaison communities.

Regular communication with the NITSOs and Privacy Liaison via monthly calls and forums
Induction of new NITSOs/Privacy Liaisons
Risk profiles–reviewing current security posture and trends and providing recommendations on solutions to improve risk indicators
Maintaining the suite of Global Security Policies, Standards and Guidance
Supporting the uptake of IPG managed security services
Supporting KPMGi NITSO in relation to security operations, internal audit, ISMS and responding to client queries for ITS Global


Assist Global Policy Lead, in ensuring that the suite of KPMG global information protection policies, standards and requirements are managed, maintained, and reviewed. Publish and communicate policy and standards updates key stakeholders.
Working with GSAS service leads, assist member firms with remediation of issues with key controls, critical incidents, and other security requirements, as well as escalation to member firm and regional leadership as necessary and track progress.
Work with IPG pillars to support ongoing or new information protection initiatives, and adoption by Member firms
Working with other team members to ensure that workload is ‘load balanced’ to the reflect demand across the pillar and more widely across IPG

Skills, Experience and Qualifications

Professional security qualifications such as CISSP preferred but not essential. Applicant must be willing to obtain CISSP, if they are not already certified.
A Bachelor’s degree in Information Technology or related field required; Masters’ preferred.
Fluent in English
Capable of strategic thinking and of moving strategic plans into action
Experience managing and leading projects
Experience in matrix management environment
Experience with deploying and supporting large scale infrastructures and applications
Demonstrated experience mentoring and coaching and developing team members
Proven experience of working in an information protection role, with at least two years within a professional services or similar organisation.
Background working on large-scale international projects and the ability to manage multiple processes and projects at once.

Job Segment: Information Security, Information Technology, IT Manager, Manager, Internal Audit, Technology, Management, Finance