Senior Associate, IT Internal Audit

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Seramount, Fair360 and others. If you're as passionate about your future as we are, join our team.

KPMG is currently seeking a Senior Associate, IT Internal Audit to join our Audit and Assurance practice.

Responsibilities:

• Design, coordinate, and oversee the day-to-day activities related to client engagements in one or more areas such as, Information Technology (IT) strategy and transformation programs, agile software development/DevOps, business continuity and disaster recovery, cybersecurity, cloud providers and other third parties; data management/governance, emerging technology such as AI, automation (robotics, cognitive, and more), and projects, General IT controls (GITCs) and application controls testing, and regulatory/compliance requirements such as Sarbanes Oxley (SOX), FedRAMP and Payment Card Industry (PCI)Review clients' IT traditional and agile processes as well as tools for security, resiliency and DevOps controls against leading practice, industry, or client frameworks; assess capability maturity, identify gaps in design and execution of the controls, as well as communicate issues and recommendations to senior management within Financial Services, Consumer and Retail, Industry Manufacturing, Technology industries
• Work with client senior management to design, and implement new IT risk and control frameworks, sustainable solutions (including, applying knowledge of governance, risk and security tools), operating processes and people models to address key and evolving risks, as necessary
• Complete comprehensive executive summaries, final reports, and deliver to client senior management; document and review engagement workpapers in accordance with KPMG requirements as well as common industry practice for internal audit and risk consulting client engagements; Lead efforts in developing and contributing content to related KPMG knowledge bases and internal practice development initiatives, including but not limited to research, thought leadership, marketing collateral, and share forums/peer exchange materials

Qualifications:

• Minimum three years of recent experience working within IT risk (first line or second line of defense), cybersecurity, internal audit or IT compliance function as an internal employee; similar role as part of a professional services firm
• Bachelor's degree from an accreditted college/university in an appropriate field; CISA, CISM, CISSP, CRISC or similar certifications preferred;
• Master's degree from an accredited college/university preferred; one or more enterprise technology vendor certifications from IBM, Oracle, Microsoft, Google, AWS, ServiceNow, GitHub, Artifactory, Atlassian, or GitLab preferred
• Prior knowledge leading and executing IT risk consulting, IT process re-engineering, IT audit, and IT internal controls engagements, leveraging IT governance and control frameworks such as Control Objectives for Information and Related Technologies (COBIT), NIST Cybersecurity framework (CSF), NIST 800-53, IIA GTAG, Cloud Security Alliance, Capability Maturity Model Integration (CMMI), and Information Technology Infrastructure Library (ITIL) and proficiency in core requirements and methodologies for Sarbanes-Oxley (SOX) internal control programs
• Experience with IT risk management operating models, three lines-of-defense frameworks, integrated risk management practices, and/or risk intelligence capabilities
• Understanding of commonly used enterprise technology infrastructure, Continuous Integration and Continuous Delivery (CI-CD) pipelines and DevOps management products/solutions from IBM, Oracle, Microsoft, Google, AWS, ServiceNow, Jenkins, GitHub, Artifactory, Atlassian, or GitLab preferred
• Strong leadership and executive communication skills, technical knowledge, and the ability to write at a publication quality level in order to communicate findings and recommendations to the clients and senior management team
• Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa)Ability to travel as necessary

KPMG offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state, or local laws. The attached link contains further information regarding KPMG's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.

KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them.

Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.