Information Security Compliance Analyst

Melbourne, Australia

KPMG Australia

KPMG is a global network of professional firms providing Audit, Tax and Advisory services.

Job Description

The Security Compliance Analyst works in the Information Security Compliance team, which sits within Technology & Information Risk Management (TIRM). This role requires the ability to communicate with, and assist in presenting to, TIRM leadership, Privacy, and the Office of General Counsel (OGC) on information security compliance and the ongoing improvement of KPMG’s information security posture. The role must balance business enablement with minimising information security risk, provide pragmatic advice to uphold policies, and assist project and stakeholder teams in working through compliance challenges.

Your Opportunity

The core functions of this role include:

  • Assess all aspects of information security compliance for KPMG Australia;
  • Assist in providing information security reporting to local Risk Management, CTG leadership, regional and global leadership;
  • Coordinate with other aspects of the business including OGC, Privacy, P&I (HR), CISO, CTG, and internal stakeholders within the business;
  • Assist the Security Compliance team in facilitating the annual external ISO27001/27017 audit, the internal Information Protection Controls Review (IPCR), and any other reviews such as APRA CPS234 or NIST CSF;
  • Perform regular compliance reviews to ensure adherence to KPMG Policies, Procedures, and Standards;
  • Perform regular reviews of KPMG Policies, Procedures, and Standards to ensure they remain up to date and aligned with global documents;
  • Assist the Security Compliance team with compliance activities as per the Security Compliance calendar;
  • Respond to Client Queries about KPMG’s information security posture in a timely manner;
  • Liaise with OGC and the business to review client contracts’ security clauses to ensure KPMG can agree to the security clauses posed by clients, or amend as necessary;
  • Proactively provide assistance in other Security Compliance teamwork as needed.

Your Experience

At KPMG, we believe diversity of thought, background and experience strengthens relationships and delivers meaningful benefits to our people, our clients, and communities. To be considered for this opportunity, your qualifications, skills & experience could include:

  • Minimum of a bachelor’s degree in an information or business-related discipline.
  • Minimum 1-2 years of experience in IT roles, preferably with involvement in a combination of compliance and auditing.
  • Preferred, but not required: accreditation in two of the following: ISO27001 Lead Auditor or Lead Implementor; CISM; Microsoft SC 900 - Security, Compliance and Identity Management; GCIH and/or CISSP (or relevant certifications).
  • Criminal Records Check and possibly a National NV-1 security clearance.

Additional Information

KPMG is a professional services firm with global outreach and deep sector experience. We work with clients across an array of industries to solve complex challenges, steer change and enable growth. 

Our people are what make KPMG the thriving workplace that it is and what sets us apart is that we know great minds think differently. Collaborate with a team of passionate, highly skilled professionals who’ve got your back. You’ll build relationships with unique and diverse colleagues who will provide you with the support you need to be your best and produce meaningful and impactful work in an inclusive, equitable culture.

At KPMG, you’ll take control over how you work. We’re embracing a new way of working in many ways, from offering flexible hours and locations to generous paid parental leave and career breaks. Our people enjoy a variety of exciting perks, including retail discounts, health and wellbeing initiatives, learning and growth opportunities, salary packaging options and more.

Diverse candidates have diverse needs. During your recruitment journey, information will be provided about adjustment requests. If you require additional support before submitting your application, please contact the Talent Support Team.

At KPMG every career is different, and we look forward to seeing how you grow with us.


Tags: Audits CISM CISO CISSP Clearance Compliance GCIH ISO 27001 NIST Privacy Risk management Security Clearance

Perks/benefits: Career development Flex hours Health care Parental leave

Region: Asia/Pacific
Country: Australia
