Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today’s most important industries. Our growth is driven by delivering real results for our clients. It’s also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it’s no wonder we’re consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you’re as passionate about your future as we are, join our team.

KPMG is currently seeking a Manager, IT Risk Assessment to join our KPMG Technology.

Responsibilities:

• Perform information security risk assessments of technology enabled projects; activities include vendor reviews, security requirement definition, facilitation of security testing and management of residual risk
• Advise and guide project teams regarding compensating control alternatives where security requirements cannot be met
• Act as the primary point of contact between IT project teams and IT Security groups to help ensure that appropriate security resources are scheduled and that security-related project objectives and timelines are met
• Perform Vendor Security assessments activities include evaluation of vendor controls and practices, process enhancements, performing on site assessments, reviewing security test reports, and analyzing and developing security requirements
• Communicate and track remediation plans with vendors and IT teams and where applicable recommend mitigating/compensating controls

Qualifications:

• Five years of experience performing IT security risk assessments and experience in Information Security
• Bachelor’s degree from an accredited college or university; must have CISSP and CCSP certifications
• Demonstrated experience understanding of security principles, IT security controls, and related technologies and products
• Prior experience in conducting Information Security risk assessments
• Strong verbal/written communication, with ability to effectively interact with individuals at all levels of responsibility and authority; must be able to prioritize, delegate, and foster the development of high performance teams to lead/support an environment driven by customer service and team work
• Strong trouble-shooting and organizational skills and ability to work on multiple projects simultaneously; ability to participate in resource planning processes based on defined organizational plans

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. All qualified applicants are considered for employment without regard to race, color, creed, religion, age, sex/gender, national origin, ancestry, citizenship status, marital status, sexual orientation, gender identity or expression, disability, physical or mental handicap unrelated to ability, pregnancy, veteran status, unfavorable discharge from military service, genetic information, personal appearance, family responsibility, matriculation or political affiliation, or other legally protected status. KPMG maintains a drug-free workplace. KPMG will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable local, state or federal law (including San Francisco Ordinance number 131192). No phone calls or agencies please.