Manager, IT Risk Office - Policy

KPMG New York, NY 10007

Posted 2 weeks ago

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you're as passionate about your future as we are, join our team.

KPMG is currently seeking a Manager, IT Risk Office-Policy to join our Risk Management organization.


  • Assist in the development of a comprehensive set of firm IT policies to guide management's control framework to mitigate IT risk (e.g., security, operations, data management, resiliency)

  • Review and align policies from KPMG International to apply to the US member firm with modifications or additional policies developed, as needed

  • Manage policy governance function to ensure policies are reviewed, updated, and approved in a timely manner in accordance with guidance and the current risk environment

  • Leverage enterprise training efforts to coordinate training for IT policy content

  • Establish and lead the firm IT Policy Review Board

  • Contribute to the continued improvement of Risk Management processes. Lead and/or participate in various Risk Management projects and initiatives


  • Minimum six years of related work experience in IT Policy, Governance and Compliance Management or Information Security

  • Bachelor's degree from an accredited college/university

  • Working knowledge of RSA's Archer eGRC Solutions and Archer certification is a plus. Relevant IT or Risk Management certification (e.g., CRISC, CISSP, CISM, CISA, CIPP, CGEIT, CRMA, CIA)

  • Working knowledge of ISO27001, NIST 800-53, NIST 800-171, NIST CSF, HIPAA, HITRUST, ITIL, and COBIT

  • Progressive experience leading multi-disciplinary teams and managing projects. Excellent written and verbal communication, organizational, analytical, critical thinking and interpersonal skills, with a demonstrated ability to gain the confidence and respect of various levels. Hands-on, independent and accountable management style, with the capability to manage multiple concurrent tasks and projects

  • Ability to travel as needed

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.

Similar Jobs

IT Risk Policy Adherence Manager Operational Risk Manager 4

Wells Fargo

Posted 2 days ago

4/18/2019 12:00:00 AM 2019-07-17T00:00

Job Description

At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you.

Enterprise Finance & Information Technology offers technology and services that exceed Wells Fargo customers' expectations and directly enable them to succeed financially. We interact with customers more than 12 billion times a year through in-store, online, ATM, and telephone transactions. We impact customers directly, through systems availability and security, as well as indirectly, through our business partners who offer and deliver a myriad of products and services that meet customers' financial needs. We provide a competitive advantage for the company through excellence in fundamentals, integrated partnerships, and our talented and engaged team members.

Position Responsibilities:

Our environment continues to be one of the heightened standards, raised risk consciousness, and regulatory requirements. As part of the First Line of Defense, this role will provide leadership support to ensure that Enterprise Information Technology is accountable for risks associated with technology activities, current and emerging risk identification, measurement, assessment, control, mitigation, monitoring and reporting. This role will work regularly with EIT teams and Second Line functions to ensure a strong control environment exists for compliance with technology laws, regulations, and rules.

Enterprise Information Technology – Policy and Regulatory Governance Manager

The Technology Policy and Regulatory Management requires an understanding of Technology policies development and Regulatory Management requirements and how they apply to the Enterprise Infrastructure Technology (EIT) organization and their related policies. The Technology Policy Governance development and revision process requires an understanding of policy development, control objectives and policy frameworks necessary to update and maintain a well-managed stack of policies for the EIT Organization. Candidate will manage the end-to-end development and revision process, working directly with the Policy teams, Corporate Policy Office, Technology Risk Management Oversight, and risk domain consultants to usher the EIT stack of policies and procedures through the development and revision process. Accountable for reviewing and providing feedback on policy content to ensure alignment with EIT and CPO policy framework, risk frameworks and risk appetite. Accountable for leading a team responsible for end to end policy development and regulatory management for the EIT organization.

Policy and Regulatory Management Capabilities:

  • Understanding of technology Policy Management development and how to incorporate regulatory requirements into policy and standards content.

  • Clear understanding of Regulatory Management - how to read requirements and understand applicability to EIT / technology policies and standards.

  • Clear understanding of policies and standards associated with Technology Risk - drive quality and completeness of content in line with established guidelines and frameworks

  • Ability to lead, influence and direct team members, key stakeholders and partners

  • Direct policy and process managers on design and implementation of policy requirements to ensure business EIT authored Policies are clear and effective and contain regulatory requirements.

  • Work closely with Policy Adherence team to drive alignment of policy requirements to key risk information and enable policy adherence monitoring and reporting

As a Team Member Manager, you are expected to achieve success by leading yourself, your team, and the business. Specifically you will:

  • Lead your team with integrity and create an environment where your team members feel included, valued, and supported to do work that energizes them.

  • Accomplish management responsibilities which include sourcing and hiring talented team members, providing ongoing coaching and feedback, recognizing and developing team members, identifying and managing risks, and completing daily management tasks.

Required Qualifications

  • 10+ years of experience in compliance, operational risk management (includes audit, legal, credit risk, market risk, or the management of a process or business with accountability for compliance or operational risk), or a combination of both; or 10+ years of IT systems security, business process management or financial services industry experience, of which 5+ years must include direct experience in compliance, operational risk management, or a combination of both

  • 5+ years of management experience

Desired Qualifications

  • Advanced Microsoft Office skills

  • Excellent verbal, written, and interpersonal communication skills

  • Strong analytical skills with high attention to detail and accuracy

  • Ability to articulate complex concepts in a clear manner

Other Desired Qualifications

  • 10+ years of experience in leading/managing teams

  • 5+ years' experience authoring and presenting material to an executive audience.

  • Ability to lead and influence peer organizations

  • Experience managing governance programs and/or oversight programs within a risk management environment

  • Experience in front line, compliance, operational risk, IT systems security, business process mgmt. or financial services, (includes audit, legal, credit risk, market risk, or the management of a process or business with accountability for compliance or operational risk)

  • Demonstrated ability to effectively execute in a large, diverse, matrixed organization

  • Experience in leadership roles within Technology Risk or Compliance organizations

  • Prior experience with designing and executing policy adherence frameworks

  • Demonstrated knowledge of Technology and Security risk framework – COBIT, FFIEC, NIST, ITIL, COSO, BASEL, and OCC Heightened Standards

  • Strong ability and experience working with and collaborating with leaders and team members at all levels and across functional lines.

  • Comprehensive knowledge and understanding of strategic elements of financial, operational, technical and regulatory environments across a complex global services environment

  • Professional certifications such as CPA, CSCP, CRCM, CGEIT, CRISC, CITP, CISA, CISSP

Disclaimer

All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act. Relevant military experience is considered for veterans and transitioning service men and women. Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation.

Wells Fargo New York NY