Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you're as passionate about your future as we are, join our team.
KPMG is currently seeking a Manager, IT Security Compliance to join our Digital Nexus technology organization. This role is open to internal employees from any KPMG Location or external candidates from the locations in the posting.
* Lead remediation of identified risks or issues; Research and help to mitigate security risks identified by different IT management platforms in use; leverage multiple IT management tools to assess adherence of the environment to established security standards; Define security configuration for monitoring tools, including alerts, correlation rules, and reporting
* Direct effort to automate and streamline compliance for alerting on anomalous behavior or deviations in expected configuration: user access audits, security settings of OSes, network equipment, virtualization platforms, firewalls, and other IT components hosted both internally and in cloud environments
* Manage changes to policies and procedures as a result of reports generated from multiple IT management platforms
* Presentation and creation of executive level reporting that correctly reflects criticality of identified vulnerabilities and risks, to appropriately support decisions about risk mitigation strategies and competing priorities; function as a subject matter professional in several IT security domains (e.g. access control, cryptography, and monitoring)
* Lead administration and reporting configuration of technical platforms and systems related to compliance tasks (such as Tufin, Splunk, SCCM, Symantec Control Compliance Suite, Solarwinds, Panorama and other firewall consoles, Symantec SEP, MBAM, and CarbonBlack)
* Manage creation and provide guidance on documentation of supported platforms; establish and maintain relationship with key vendors; Provide security subject matter knowledge to the product teams including developers and system administrators
* Minimum five years of experience leading IT security resources is preferred
* Bachelor's degree from an accredited college/university; CISSP is preferred
* Experience in security engineering, security operations, IT Audit, or incident response activities; preferably within a professional services firm or similar environment
* Prior knowledge with process definition and/or improvement based on IT best practices or regulatory requirements such as ITIL, Cobit, ISO 27000, PCI, and NIST standards
* Experience with scripting languages for automation in Microsoft and *nix based environments is desirable; familiarity with reporting and BI tools such as Alteryx, SQL Server, Qlikview and an ability to integrate security tools with IT infrastructure such as proxies, mail servers, Active Directory, workstations and mobile devices
* Fluent in Spanish
KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.