(ALL KPMG UK CONTRACTORS MUST RESIDE AND HAVE PROOF OF RIGHTS TO WORK IN THE UK)
Role Purpose:
The role of the Global Digital Risk Consultant is to advance the Information Security Risk Management function so that it can provide visibility of, and insight into, material risks to KPMG International within the domains of Information Security, Information Protection, Cyber Security and Data Privacy.
Key Responsibilities:
Core Responsibilities:
Draft and re-release our main control library by reviewing AI-related standards, AI industry best practice and emerging technologies
Analyse and refresh existing key control review processes and test steps, utilizing our main control library
Support our risk team in the development and testing of a new risk framework
Align, update and refresh policies with current risk management initiatives
Apply knowledge of information security, information protection, cyber security and data privacy to support the GDR team in the maturation of the Risk Management Function
Collect and analyse significant information, delivering high-quality reports and findings with excellent English skills, while adapting to changing priorities in a fast-paced environment, emphasizing attention to detail and critical thinking in execution.
Establish and maintain an understanding of KPMG International operations, inclusive of systems, functions and activities.
Establish and maintain stakeholder relationships across KPMG International to support consultation and collaborative engagement in line with deliverables
Utilize information security knowledge and best practice to support risk management transformation and associated activities
Where needed, support other teams within GDR, such as by maintaining our policies, delivering information security training, supplier management reviews, maintaining our ISMS, information security assurance activities, cyber insurance reports, data privacy operations and delivering quality security health reports.
Knowledge, Skills and Experience:
Essential
Minimum 5 years’ experience of information security or any of its disciplines such as risk, compliance, governance or technology security, information protection, data security, digital risk management; or knowledge of standards such as ISO 27001 or NIST is required.
Bachelor’s degree from an accredited college or university
Information Security or Data Protection professional qualifications from either (ISC)2, ISACA, Microsoft, NIST, SANS, CSA, CompTIA, or BCS such as Cyber Security, SSCP, Security+, SC-900, GISF, FISMP, IAPP, CISSP, CISM or CRISC would be an advantage.
Knowledge of, involvement in and experience of security operations would be useful.
Experience in analysis of emerging technology, threats or risks would be useful.
Excellent spoken and written English skills
Experience with Artificial Intelligence solutions and/or requirements
Understanding of PowerBI and associated reporting is desirable