Apply on Employer Site

KPMG US · 13 hours ago

Senior Associate, IT Internal Audit

Dallas, TX

Full-time

Hybrid

Mid, Senior Level

$84K/yr - $139K/yr

2+ years exp

KPMG is a leading advisory firm experiencing significant growth and client demand. They are seeking a Senior Associate in IT Internal Audit to design, coordinate, and oversee client engagements related to IT strategy, cybersecurity, and compliance, while working closely with senior management to implement effective IT risk frameworks.

Financial Services

No H1B

Responsibilities

Design, coordinate, and oversee the day-to-day activities related to client engagements in one or more areas such as, Information Technology (IT) strategy and transformation programs, agile software development/DevOps, business continuity and disaster recovery, cybersecurity, cloud providers and other third parties; data management/governance, emerging technology such as AI, automation (robotics, cognitive, and more), and projects, General IT controls (GITCs) and application controls testing, and regulatory/compliance requirements such as Sarbanes Oxley (SOX), FedRAMP and Payment Card Industry (PCI)Review clients' IT traditional and agile processes as well as tools for security, resiliency and DevOps controls against leading practice, industry, or client frameworks; assess capability maturity, identify gaps in design and execution of the controls, as well as communicate issues and recommendations to senior management within Financial Services, Consumer and Retail, Industry Manufacturing, Energy, Technology industries

Work with client senior management to design, and implement new IT risk and control frameworks, sustainable solutions (including, applying knowledge of governance, risk and security tools), operating processes and people models to address key and evolving risks, as necessary

Complete comprehensive executive summary, final reports, and deliver to client senior management; document and review engagement workpapers in accordance with KPMG requirements as well as common industry practice for internal audit and risk consulting client engagements; Lead efforts in developing and contributing content to related KPMG knowledge bases and internal practice development initiatives, including but not limited to research, thought leadership, marketing collateral, and share forums/peer exchange materials

Qualification

IT risk managementCybersecurityInternal auditIT complianceCISA certificationCISM certificationCISSP certificationCRISC certificationIT governance frameworksDevOps managementCommunication skillsTeam collaboration

Required

Minimum two years of recent experience working within IT risk (first line or second line of defense), cybersecurity, internal audit or IT compliance function as an internal employee; similar role as part of a professional services firm

Bachelor's degree from an accredited college/university in an appropriate field

CISA, CISM, CISSP, CRISC or similar certifications preferred

Master's degree from an accredited college/university preferred

One or more enterprise technology vendor certifications from IBM, Oracle, Microsoft, Google, AWS, ServiceNow, GitHub, Artifactory, Atlassian, or GitLab preferred

Prior knowledge in IT risk consulting, IT process re-engineering, IT audit, and IT internal controls engagements, leveraging IT governance and control frameworks such as Control Objectives for Information and Related Technologies (COBIT), NIST Cybersecurity framework (CSF), NIST 800-53, IIA GTAG, Cloud Security Alliance, Capability Maturity Model Integration (CMMI), and Information Technology Infrastructure Library (ITIL) and proficiency in core requirements and methodologies for Sarbanes-Oxley (SOX) internal control programs

Experience with IT risk management operating models, three lines-of-defense frameworks, integrated risk management practices, and/or risk intelligence capabilities

Understanding of commonly used enterprise technology infrastructure, Continuous Integration and Continuous Delivery (CI-CD) pipelines and DevOps management products/solutions from IBM, Oracle, Microsoft, Google, AWS, ServiceNow, Jenkins, GitHub, Artifactory, Atlassian, or GitLab preferred

Strong communication skills, technical knowledge, and the ability to write at a publication quality level in order to communicate findings and recommendations to the clients and senior management team

Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future

Ability to travel as necessary