CISM - Certified Information Security Manager
CRISC - Certified in Risk and Information Systems Control
As a key member of the Information Security Team in Canada and reporting to the Chief Information Security Officer, this role is responsible for ensuring KPMG Canada platforms and technology meet KPMG’s Canadian and Global security requirements. Leading a team of architects, engineers and analysts, the Senior Manager oversees security posture of KPMG Canada cloud and on-prem platforms for adherence to security requirements. The Senior Manager assesses products, technologies and platforms for adherence to security requirements, develops security solutions, proposes and oversees implementations to address any gaps.
Overview of the opportunity:
The Senior Manager plans for security capabilities, solutions and tools required to support multi-year technology roadmaps, proposes products required to monitor ongoing adherence to security guardrails, oversees their implementation and manages these tools through their lifecycle. The Senior Manager also supports the CISO in managing the overall security program and contributes to its strategy, advancement, governance, monitoring and effectiveness.
The Senior Manager frequently interacts with project sponsors, technology teams, vendors, KPMG global and member firms as required. The Senior Manager works closely with the Canadian CISO, Practice Protection, Privacy, Legal and Information Technology groups as well as KPMG’s global Information Protection Group.
The Senior Manager has a good understanding of information security standards, architecture frameworks, security technologies, platforms, products and tools. The Senior Manager has previously managed solution architecture, solution delivery and security functions. The Senior Manager also understands the business environment and is able to articulate information security requirements within the overall business context.
What you will do:
Assist the CISO in managing the overall information security program.
Ensure that technology platforms and solutions are engineered to meet security requirements.
Advise and work with key stakeholders to address any gaps.
Propose and develop multi-year plans to advance maturity of the firm’s security program.
Oversee adherence to the firm’s Canadian and global security requirements for products, services and platforms used by KPMG Canada.
Support and counsel IT Architects, DevOps teams, solution architecture on topics related to information security.
Provide management reports and make presentations to business leaders as required.
Provide recommendations to improve overall security posture and compliance.
Maintain relationships with key stakeholders internally (within Canada, global and other major firms), partners and service providers necessary for effective maintenance of the security program.
Participate in and lead projects, as required, related to information security.
What you bring to the role:
8-10 years of broad IT experience which includes security architecture, solution design, technology assessments, program management, security operations and technical leadership.
2-3 years of security experience specific to cloud environments, such as Azure and AWS.
Strong business acumen and ability to understand the business context.
A university degree in a related discipline.
CISSP or CISM Certification is required. CISA and CRISC certification is an asset.
Excellent understanding of security control frameworks such as ISO 27001, NIST 800-53 and CIS.
Keys to your success:
Strong strategic and operational knowledge of key security products, tools and technologies.
Excellent communication skills and ability to represent CISO in interactions with partners and clients.
Excellent interpersonal, organizational and people management skills.
Telecommuting is allowed.
Internal Number: 2021-10449
You’ve got big plans. We have opportunities to match, and we’re committed to empowering you to become a better you, no matter what you do.
When you join KPMG you’ll be one of over 227,000 professionals providing audit, tax, advisory and business enablement services across 146 countries.
With the support to do things differently, grow personally and professionally and bring your whole self to work, there’s no limit to the impact you can make. Let’s do this.