Manager, IT Vendor Risk Assessment
Montvale, NJ

Job Description

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you're as passionate about your future as we are, join our team.

KPMG is currently seeking a Manager, IT Vendor Risk Assessment to join our Digital Nexus technology organization. This opportunity is open to internal candidates from all KPMG US locations and external candidates interested in being based in one of the cities listed within this posting.

Responsibilities:

* Liaise with IT and other representatives of assigned business functions to ensure that project pipelines are understood and that project priorities are reflected in IT Risk & Security's resource planning
* Function as a subject matter professional in several IT security domains (e.g. access control, cryptography, and monitoring)
* Manage full time employees or external contractors
* Perform Vendor Security assessments; Activities include evaluation of vendor controls and practices, process enhancements, performing on site assessments, reviewing security test reports and analyzing and developing security requirements and communicate and track remediation plans with vendors and IT teams and where applicable recommend mitigating/compensating controls
* Participate in communicating vendor related risks with stakeholders to drive remediation efforts; Manage and track IT vendor risk related documentation in GRC (Governance Risk and Compliance) applications like Archer
* Continuously improve the security aspects of the 3rd party operating processes and maintain awareness of the current security threat landscape

Qualifications:

* Minimum five years of experience performing IT security risk assessments, Information Security and Third Party Security Assessments
* Bachelor's degree from an accredited college/university or relevant work experience; CISSP perferred
* Ability to participate in resource planning processes based on defined organizational plans
* Strong trouble-shooting and organizational skills and ability to work on multiple projects simultaneously
* Excellent verbal/written communication, with ability to effectively interact with individuals at all levels of responsibility and authority

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.