Director, Cyber Security Services - Strategy & Governance

KPMG, San Francisco, CA 94118

Posted 2 days ago

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you're as passionate about your future as we are, join our team.

KPMG is currently seeking a Director in Technology Risk - Cyber Security for our KPMG Risk Consulting practice.


  • Provide guidance and share knowledge with team members and participate in performing procedures, especially focusing on complex, judgmental, and/or specialized data protection and privacy issues

  • Oversee engagement objectives, strategize to comply with professional standards, and mitigate risks inherent in the engagement

  • Review work performed by the engagement team and maintain relationships with client account leadership to manage expectations of service, including work products, timing, and services to be delivered

  • Oversee the execution of Information Security and privacy inherent to client engagements

  • Identify technological opportunities and evaluate the Information Security and privacy impacts on the client's business

  • Demonstrate excellent project management skills, promote teamwork and individual accountability with engagement team members, and use available technology, tools, and KPMG Information Security assets to enhance the effectiveness of deliverables and services


  • A minimum of eight years of experience with regulatory requirements and compliance issues in at least one of the following areas: PCI, GLBA, EU Data Protection Directive, and International Cross Border & US State Data Privacy Laws

  • Bachelor's degree from an accredited college/university and ten years of work experience with at least four years in an Information Security leadership role; Master's degree and a minimum of eight years of related work experience with at least four years in an Information Security leadership role is preferred

  • CIPP or CIPP/IT certified; non-certified hires are required to become certified within a minimum of one year from the date of hire

  • Significant experience with Information Governance and Information Security Strategy plans, and assessments using an industry framework, such as ISO 27002 or NIST 800-53

  • Advanced written and verbal communication and presentation skills, teamwork, and client service skills

  • Travel may be up to 80-100%; ability to work in a fast-paced, results-driven environment, grasp new technology, and contribute at a rapid pace

  • Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. All qualified applicants are considered for employment without regard to race, color, creed, religion, age, sex/gender, national origin, ancestry, citizenship status, marital status, sexual orientation, gender identity or expression, disability, physical or mental handicap unrelated to ability, pregnancy, veteran status, unfavorable discharge from military service or military status, genetic information, genetic disposition and/or carrier status, domestic violence status, personal appearance, family responsibility, matriculation or political affiliation, status with regard to public assistance, or other legally protected status. KPMG maintains a drug-free workplace. KPMG will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable local, state or federal law (including San Francisco Ordinance number 131192). No phone calls or agencies please.


