Educational requirements: Bachelor
English requirements: Competent English
Requirements for skilled employment experience for years: 3-5 years
Required residence status: Temporary visa, Permanent resident, Citizen
Accept remote work: unacceptable
Key duties & responsibilities:
Assess Aspects of information security risk for KPMG Australia and develop recommendations for improvement
Assist and at times lead, in providing information security reporting to local IT leadership, regional and global leadership
Coordinate with other aspects of the business including, Legal, Corporate Risk Management, People and Inclusion or Human Resources, the Chief Information Security Officer (CISO), Generalist IT and the Privacy Officer
Assess risks and provide advice associated with acquisitions, vendors, technology, and services
Assist in developing the processes, and maintaining the ISO vulnerability management portfolio
Assist in work with ASPAC, Regional or Global teams to implement broader information security initiatives
Ensure that appropriate policies and controls are enforced upon third parties and/or subcontractors to the KPMG firm to protect the firm’s infrastructure and data
Assist in the assessment of technical reports provided by the Security Engineering and Architecture
Mentor junior team members
What our ideal profile looks like:
Minimum of a bachelor’s degree in an information technology or business-related discipline
Minimum 4 to 5 years of experience in technology roles, preferably with involvement in a combination of assurance & risk management, systems architecture, cloud architecture, systems design, security risk, security compliance and leadership
Required to have accreditation in one of the following, CISM, CRISC, CISSP, SABSA or other relevant certifications, such as AWS or Azure cloud technologies.
A valid Australian Driver’s License (any State or territory)
Criminal Records Check, National NV-1 security clearance desirable
What we’re looking for:
Demonstrated experience in risk management
Demonstrated experience using governance & risk tools
Proven ability to manage and coordinate multiple tasks/deliverables in a dynamic environment
Attention to detail and effective analysis skills are critical to this role
Well-developed written, verbal and negotiation skills
Service Now
Demonstrated Knowledge in security frameworks and standards such as ISO, NIST, Cloud Services, Risk Management, Information Security Guidelines
Agile Development Methodology, Microsoft Azure DevOps and/or Jira
DREAD Risk rating assessment tool
STRIDE Threat classification
Theoretical and demonstrated knowledge of Cloud technologies and architectures (AWS and/or Azure)
This is a senior cybersecurity role with a very strong focus on developing strategic cybersecurity solutions with enduring benefit for the firm and customers. This role will provide direction and assistance in the development and training of other members of the Information Security Office within KPMG-AU.
