Senior Consultant / Consultant, Technology Risk, IT Advisory
July 22, 2020
In KPMG's Management Consulting practice, we don't limit ourselves to either strategy or implementation. Instead, we deliver both. As part of the Greater Bay Area our team in Hong Kong represents a dynamic and enthusiastic team that always pushes itself to succeed. Since our creation, we've developed in-depth knowledge of an incredibly broad spread of sectors and services.
KPMG's Technology Risk team focus on the use of technology by our clients and help 1st , 2nd and 3rd line of defense in navigating the relevant technology risk and compliance matters in a strategic and tactical manner. Our professionals do this by leveraging our strong industry, IT control and technology focus and experience; deploying leading methodologies and tools; applying our objectivity; using a balanced approach to growth and risk; utilizing our comprehensive global breadth and local knowledge; and calling upon our deep understanding of relevant business, financial, and regulatory inter-dependencies.
KPMG is currently seeking both Senior Consultants and Consultants to join the team
- Assist in planning activities, development of audit program, and execution of IT-related audits and risk assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, GITCs and application controls, and regulatory/compliance requirements - Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management - Work with client management team to assist in implementation of new processes and controls to address key risks, as necessary - Draft comprehensive executive summaries and final reports for delivery to client senior management and document and review engagement workpapers in accordance with standard KPMG and industry-accepted methodologies - Assist in kickoff, status, and closing meetings with engagement team and client and contribute to technology risk knowledge base and internal practice development initiatives
Additional Responsibilities For Senior Consultant
- Plan and execute IT-related audit engagements and risk assessments with a focus on strategic, operational and regulatory/compliance related risks - Lead kickoff, status, and closing meetings with engagement team and client and contribute to technology risk knowledge base and internal practice development initiatives - Supervise consultants on engagements
- Minimum of one year of experience working within an internal audit, IT risk or IT compliance function as an internal employee or as part of a professional services firm - Bachelor's degree from an accredited college/university or equivalent work experience; CISA, PMP, CISSP or CRISC certification is preferred - Familiarity leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL - Experience in implementation of internal control processes and programs for IT - Proficiency in executing projects in accordance with leading practice project management principles - Strong leadership and communication skills, technical knowledge, and the ability to write at a publication quality level in order to communicate findings and recommendations to the clients and senior management team
Additional Qualifications For Senior Consultant
- Minimum of three years of experience working within an internal audit, IT risk or IT compliance function as an internal employee or as part of a professional services firm - Experience leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL
We offer successful candidates an attractive remuneration package and the opportunity to work in a dynamic and exciting environment.
Personal data collected will be used for recruitment purposes only.