USACares Jobs

Job Information

KPMG Sr. Associate, Cyber Security - Third Party Risk in Washington, District Of Columbia

Business Title: Sr. Associate, Cyber Security - Third Party Risk

Requisition Number: 53184 - 20

Function: Advisory

Area of Interest: Tech Enablement

State: DC

City: Washington

Description:

Historically, the travel requirement for this position has ranged from 80-100%. The safety and well-being of our people continues to be the top priority, and our decisions around travel are informed by government COVID-19 response directives, recommendations from leading health authorities, and guidance from a number of infectious disease experts. For now, all KPMG business travel, international and domestic, is currently restricted to client-essential sales/delivery activity only. At some point in the future and with the safety of people as the critical factor, the travel requirement will likely increase, possibly to previous levels, but KPMG is committed to balancing client requirements with new delivery capabilities.

The KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we don't anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory.

KPMG is currently seeking a Sr. Associate, Cyber Security, Third Party Risk in Technology Enablement for our Consulting practice.

Responsibilities:

  • Develop and implement third party security risk management wide risk strategy consistent with changing enterprise-specific and industry-wide risk and regulatory environment, and develop reports and scorecards, and implement third party security risk management training program to educate staff

  • Be able to execute design, implementation, maintenance, and enforcement of third-party security risk management policies, procedures, and controls

  • Execution of third-party security risk management program in client engagements

  • Identify key program level metrics, e.g. key performance indicators (KPI) and key risk indicators (KRI) to measure the effectiveness of the program and measure the risk inherited by the organization

  • Partner with other stakeholders (Enterprise Risk Management, Procurement, Information Security, Legal) to effectively coordinate the execution of third-party controls and identify technology integration opportunities and lead proof of concept engagements

Qualifications:

  • A minimum of three years of related work experience in an Information Security role, and credentials in cyber and privacy (e.g., CIPP, DMR CIPM, CIPT, CISSP, CTPRP); Non-certified hires are required to become certified within one year from the date of hire

  • Bachelor's degree required; Master's preferred

  • Understanding of leading third-party security risk management platforms and tools including but not limited to ServiceNow, Archer, OneTrust, BitSight, SecurityScore etc will be an added advantage

  • Exceptional interpersonal, team building, mentoring, and leadership skills with a demonstrated ability to gain the confidence and respect of senior level executives with a strong understanding of security risk management, integration with enterprise risk management, and the integration with business strategy

  • Ability and willingness to travel up to 80% of the time, work in a fast paced, results driven environment, grasp new technology, and contribute at a rapid pace

  • Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.

GL: 5

GF: 15304

DirectEmployers