In KPMG’s Management Consulting practice, we don't limit ourselves to either strategy or implementation. Instead, we deliver both. As part of the Greater Bay Area our team in Hong Kong represents a dynamic and enthusiastic team that always pushes itself to succeed. Since our creation, we've developed in-depth knowledge of an incredibly broad spread of sectors and services.
KPMG’s Technology Risk team focus on the use of technology by our clients and help 1st , 2nd and 3rd line of defense in navigating the relevant technology risk and compliance matters in a strategic and tactical manner. Our professionals do this by leveraging our strong industry, IT control and technology focus and experience; deploying leading methodologies and tools; applying our objectivity; using a balanced approach to growth and risk; utilizing our comprehensive global breadth and local knowledge; and calling upon our deep understanding of relevant business, financial, and regulatory inter-dependencies.
KPMG is currently seeking both Senior Consultants and Consultants to join the team
Responsibilities
- Assist in planning activities, development of audit program, and execution of IT-related audits and risk assessments in the following areas: cybersecurity, IT strategy and governance, IT operations, business continuity and disaster recovery, network and infrastructure security, cloud and third party risk, programs and projects, automation, GITCs and application controls, and regulatory/compliance requirements
- Review clients' processes and controls against leading practice and industry frameworks, identify gaps in design and execution, and communicate issues and recommendations to engagement leads and client management
- Work with client management team to assist in implementation of new processes and controls to address key risks, as necessary
- Draft comprehensive executive summaries and final reports for delivery to client senior management and document and review engagement workpapers in accordance with standard KPMG and industry-accepted methodologies
- Assist in kickoff, status, and closing meetings with engagement team and client and contribute to technology risk knowledge base and internal practice development initiatives
Additional Responsibilities For Senior Consultant
- Plan and execute IT-related audit engagements and risk assessments with a focus on strategic, operational and regulatory/compliance related risks
- Lead kickoff, status, and closing meetings with engagement team and client and contribute to technology risk knowledge base and internal practice development initiatives
- Supervise consultants on engagements
Qualifications
- Minimum of one year of experience working within an internal audit, IT risk or IT compliance function as an internal employee or as part of a professional services firm
- Bachelor's degree from an accredited college/university or equivalent work experience; CISA, PMP, CISSP or CRISC certification is preferred
- Familiarity leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL
- Experience in implementation of internal control processes and programs for IT
- Proficiency in executing projects in accordance with leading practice project management principles
- Strong leadership and communication skills, technical knowledge, and the ability to write at a publication quality level in order to communicate findings and recommendations to the clients and senior management team
Additional Qualifications For Senior Consultant
- Minimum of three years of experience working within an internal audit, IT risk or IT compliance function as an internal employee or as part of a professional services firm
- Experience leading and executing risk-based IT-related internal audits and/or risk and control assessments, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL
We offer successful candidates an attractive remuneration package and the opportunity to work in a dynamic and exciting environment.
Personal data collected will be used for recruitment purposes only.
© 2020 KPMG, a Hong Kong partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ("KPMG International"), a Swiss entity. All rights reserved.