IT Assurance Senior Manager - Information Protection Audit Management

The KPMG International Information Protection Group (IPG) consists of multicultural global teams with strong information protection (security and privacy) experience. The Information Protection Audit Management (IPAM) services focus on management of certification, attestation and independent testing audits of global technology systems and services, alignment of efforts and efficiencies. The audits include cloud and traditional infrastructure as well as cloud solutions. Efficient and effective information protection audits provide required assurance and permission to operate for key KPMG technology solutions supporting client service delivery.

Primary Purpose and Goal

The KPMG International Information Protection Group (IPG) is looking for a dynamic candidate to fill the "Assurance Senior Manager, Information Protection Audit Management (IPAM)" role. This position offers great career growth supporting global information protection assurance efforts.

Responsibilities and Tasks
• The "Assurance Senior Manager, Information Protection Audit Management (IPAM)" will be responsible for managing multiple information protection audits of global technology services.
• Develops and maintains consistent and efficient information protection audit management framework and service roadmap. Updates framework and roadmap based on stakeholder feedback. Communicates and trains other resources on the framework process and procedures and leads delivery against established key performance indicators (short-term and long-term). Oversees activities to ensure that audits are planned, considering scope overlaps, stakeholder outreach and resource limitations, and managed according to procedures. Accountable for high quality service deliverables.
• Identifies trends and proposes robust solutions for challenges. Presents executive reports and communicates potential risks early on to management.
• Identifies themes in information protection audit observations and suggests solutions to efficiently address based on industry experience, leading practices and global technology group context.
• Collaborates with other IPG Assurance team members and other teams across IPG and global technology groups that undergo information protection audits, advising on suitable approach for auditable information protection practices and audit success, while ensuring minimum burden on business as usual activities.

Competencies and Experience

• Extensive audit experience in information protection (security and privacy), with demonstrable experience of leading and / or managing audits, such as ISO 27001 certification audits, System and Organization Control (SOC) 2 audits or technical security audits for cloud environments (internal and / or external).
• Information security auditing certifications a big plus, such as CISA or Certified ISO 27001 Lead Auditor.
• Strong information protection audit experience that includes scoping, planning, performing, managing, reporting and remediation monitoring activities.
• Information protection advisory / consulting experience with large global organizations a big plus.
• Proven track record of leading multiple projects or programs, through the management of teams of cross-discipline specialist. Ability to multi-task, adapt strategy based on competing priorities and work independently within a global team. High quality results delivery with attention to detail.
• Strong experience of senior stakeholder management, ability to apply forward thinking mindset, develop service strategy and understand business impact.
• Possess excellent business writing, reporting, presentation and communication skills in English.