Remediation Support Specialist Information Assurance

KPMG ,
London, Greater London

Overview

Brief The role is within KPMG UK's Information Assurance Department, which is part of Information Security. The role will involve: Co-ordinating and driving remediation exercises with teams around the business (client-facing and internal), relating to various audits of KPMG's Information Security by clients, regulators, KPMG UK teams and KPMG Global teams Collating many the findings from multiple audits into an efficient set of remediation actions, where multiple findings relate to the same or similar issues Advising on design of mitigating controls where needed Working on requirements specifications with Policy SMEs, Architects and other Technical SMEs where remediation action requires systems changes or builds Potential non-remediation consulting support across the business in relation to Information Security Collaboration across Information Security functions, and wider, as required You will have experience with Information Security controls and/or audits, as well as reporting. What we are looking for from you Passion for information security. Ability to influence colleagues to drive remediation of findings in a collaborative manner. Ability to optimise security remediation processes Assistance to management in providing and improving management information. Ability to suggest changes to processes/systems from an information security perspective and provide pragmatic, risk based guidance. Ability to creating easy to understand documentation and to review documentation when required. Desire to share experiences with others to assist their learning and understanding. Active engagement with others in order to address their views/concerns. What you'll have done before Worked for at least 3 years' in an Information Security or Information Assurance role, preferably with a remediation or consultancy focus Have a proven track record of identifying and driving timely remediation in an enterprise or managed services role Have a good level of knowledge in findings and remediation management processes. Worked in a fast paced, customer service environment, delivering high quality information security services. Experience with a variety of risk controls. Have a proven track record of being able to adapt your communication style to explain risk and control concepts to different people within an organization. Certs you'll ideally have CISSP