Manager, Technology Risk Management

Job Description

KPMG is currently seeking a Manager/Director in Technology Risk for our Risk Advisory Solutions practice.

Responsibilities:

• Design and execute the day-to-day activities of Information Technology (IT) audit engagements, with a focus on strategic, operational and regulatory/compliance related risks
• Plan activities related to development of audit program, and execution of internal audits and IT control assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, General Information Technology Controls (GITCs) and application controls, and regulatory/compliance requirements
• Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management
• Contribute to IT Audit knowledge base and internal practice development initiatives
• Supervise and provide performance management for IT audit staff working on assigned engagements

Additional Responsibilities for Director:

• Write and present clear and concise reports and presentations containing meaningful observations and recommendations to clients, and document procedures performed and conclusions reached related to projects
• Support proposal and business development activities by assisting in the identification of new target clients, building business relationships with key executives, and developing/presenting proposals
• Provide oversight and leadership to KPMG team members regarding deliverables, project plans, and performance management while contributing to industry and regulatory publications, writing professional and thought leadership articles, and speaking at related conferences and seminars

Qualifications:

• A minimum of five years of experience working within an internal audit or IT compliance function as an internal employee or as part of a professional services firm, in the Financial Services Industry
• Bachelor's degree in an appropriate field from an accredited college/university; Master's degree from an accredited college/university is preferred
• Prior knowledge leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs
• Experience with IT Risk Management and three lines of defense frameworks
• CISA, PMP, CISSP or CRISC certification is preferred
• Travel as needed
• Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future

Additional Qualifications for Director:

• A minimum of eight years of relevant experience
• Demonstrated ability to identify business opportunities, lead project engagements, attract new business, and build lasting professional relationships with senior client executives