GISG (Global Information Security Group) is one of five domains within KPMG’s Global Technology & Knowledge group. GISG provides the information protection and technology infrastructure that secures KPMG’s technology environment and connects its network of member firms. GISG works with the other GT&K domains to ensure that appropriate security controls are in place for KPMG technology solutions.
Responsibilities
- Support RISO in advising member firms on the implementation of KPMG information risk and security standards / requirements.
- Maintain an up-to-date knowledge base comprising of a technical reference library, security advisories and alerts, information on global standard and best practices.
- Work with RISO to support member firm in improving their global technology standard compliance status.
- Recommend and support member firms to adopt technical controls to support and enforce defined security policies and global technology standard.
- Provide guidance on best practice, including infrastructure configuration and application development.
- Assess and provide recommendations on any exceptions to policies or standards.
- Monitor and report a consolidated regional view of global technology standard adoption status.
Requirements
- Background working on large-scale international services and the ability to manage multiple processes and service delivery at once while building constructive working relationships across the different teams, functions, cultures, genders and demonstrating KPMG behaviors and values.
- Security Operations / Managed Security Services experience preferred
- Working knowledge of multiple security topics such as threat intelligence, vulnerability management products, firewall management OR endpoint protection
- Experienced in deployment and maintenance of Microsoft products
- Keeps abreast of security related technology, practices and regulations in the marketplace and validates tools for use to improve the Managed Security Services offerings
- Experience in working in a matrix management environment.
- Bachelor's degree in Computer Science, Information Security, Information Systems, Computer Engineering, or a related field is required.
- Minimum 5 years of experience developing or managing an enterprise level of security programs.
- At least one industry certification preferred (e.g. CISSP, CISA, CISM, CRISC, ISAAP).
- Working knowledge of common IT security-related regulations and/or standards such as Sarbanes-Oxley and ISO highly desired.
- Strong oral and written communication skills.
- Must have strong analytical and critical-thinking skills.
- High-level of attention to detail and be a self-starter with ability to work independently, multi-task and adjust to shifting priorities.
⠀
Only shortlisted candidates will be contacted by KPMG Talent Acquisition team, personal data collected will be used for recruitment purposes only.
At KPMG in Singapore we are committed to creating a diverse and inclusive workplace. We believe that diversity of thought, background and experience strengthens relationships and delivers meaningful benefits to our people, our clients and communities. As an equal opportunity employer, all qualified applicants will receive consideration for employment regardless of age, race, gender identity or expression, colour, marital status, religion, sexual orientation, disability, or other non-merit factors. We celebrate the different talents that our people bring and support every staff member in their journey to achieve personal and professional growth. One of the ways we do this is through Take Charge: Flexi-work, our flexible working framework which enables agile and innovative teams to help deliver our business goals.
