Information Security Risk Analyst

Job Description

KPMG Australia is part of a global network providing extensive services across a wide range of industries and sectors. Our people collaborate, share their expertise, and create innovation as we partner with clients to solve complex challenges, empower change, drive disruption and growth. We look for talented people with the potential to make an extraordinary difference for our clients, our firm, and our communities.

KPMG’s Technology & Information Risk Management is your opportunity to be part of a team on the rise! Rapidly growing with many competent individuals with various technical backgrounds, the Security Risk team supports business stakeholders in bringing their ideas to life while helping them to shape the future of the firm, by exploring and embedding new forms of growth.

Your Opportunity

The role of the Information Security Risk Analyst at KPMG contributes to the improvement of the company's information security posture and provides support to various departments within the organisation in several ways:

• Identifying and Managing Risks: The analyst helps in identifying and managing cyber security and other technology and information risks. This involves performing threat assessments to identify potential risks to the business and determining the preventative controls in place.
• Enhancing Business Resilience: The analyst contributes to enhancing the organisation's business resilience by reviewing and recommending effective controls over technology assets. This helps in building the organisation's resilience and strengthening core controls to meet the challenges of technology and information risks.

In summary, the role of the Information Security Risk Analyst is crucial in maintaining KPMG's information protection agenda as the business and technology programmes evolve, providing greater visibility and understanding of changing risks.

Key Duties & Responsibilities: 

• Evaluate a range of systems, applications, and software throughout KPMG Australia to determine cyber security status and develop plans for improvement.
• Analyse architectural documentation of systems, solutions, and applications with a focus on cyber security.
• Provide insightful cyber security reporting to local IT leaders as well as regional and global executives, occasionally taking the lead role in this area.
• Offer expert risk assessment and advice during the acquisition process and when integrating third-party solutions, technologies, and services.
• Propose security measures that effectively balance risk mitigation while remaining aligned with the scale of potential threats.
• Champion projects aimed at strengthening the firm’s security framework, seeking innovative methods to evaluate state-of-the-art technologies, including artificial intelligence, blockchain, quantum computing, among others.

How are you extraordinary?

• You actively seek out opportunities for growth, are comfortable challenging the status quo, and enjoy getting out of your comfort zone.
• You are passionate about the importance of fantastic communication to share ideas, inspire, and create change. You can digest, distil, and communicate complex concepts in both written and verbal forms.

Your Experience

• Familiarity and Knowledge of security standards and frameworks including, but not limited to, ISO27001, NIST 800-53, alongside a sound understanding of Cloud Services, Risk Management, and associated Security & Privacy Controls.
• In-depth knowledge of Cloud technologies and infrastructure, particularly with AWS and/or Azure ecosystems.
• A solid grasp of diverse application architectures and their security implications.
• Accredited certifications such as CISM, CRISC, CISSP, SABSA, or other relevant qualifications, especially those related to AWS or Azure cloud technologies, will be considered highly beneficial.

Qualifications

Minimum of a bachelor’s degree in an information technology or business-related discipline.

Additional Information

KPMG is a professional services firm with global outreach and deep sector experience. We work with clients across an array of industries to solve complex challenges, steer change and enable growth. 

Our people are what make KPMG the thriving workplace that it is and what sets us apart is that we know great minds think differently. Collaborate with a team of passionate, highly skilled professionals who’ve got your back. You’ll build relationships with unique and diverse colleagues who will provide you with the support you need to be your best and produce meaningful and impactful work in an inclusive, equitable culture.

At KPMG, you’ll take control over how you work. We’re embracing a new way of working in many ways, from offering flexible hours and locations to generous paid parental leave and career breaks. Our people enjoy a variety of exciting perks, including retail discounts, health and wellbeing initiatives, learning and growth opportunities, salary packaging options and more.

Diverse candidates have diverse needs. During your recruitment journey, information will be provided about adjustment requests. If you require additional support before submitting your application, please contact the Talent Attraction Support Team.

At KPMG every career is different, and we look forward to seeing how you grow with us.