About KPMG in India
KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada.
KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.
Key Job Responsibilities:
I.InfoSec Governance role:
.Coordinate with various stakeholders at various office locations across India to ensure compliance and facilitate internal and external audits related to Information Security and Data Privacy, like ISO 27001:2013 and ISO 27701:2019, as well as ITGC (IT General Controls) for applications.
.Facilitate and liaise with various stakeholders to close all audit findings within time
.Undertake periodic compliance reviews of all InfoSec controls against defined policies. Provide periodic status reports to the management on the compliance status of the firm.
.Drive the remediation of control deficiencies
.Develop recommendations and strive for continuous improvement of InfoSec controls environment in the organization
.Assist in designing and establishing new security frameworks for various operational processes
.Responsible for keeping updated the ISMS policy/ procedure documents of the firm, after periodic review or any major changes in processes, and maintain an up-to-date repository of documents
.Assist in implementation/ enforcement of the security policy/ procedures across the firm
.Lead the information risk assessment across the organization
.Drive InfoSec awareness program across the firm through trainings, awareness mailers, other channels, etc.
.Assist in security process automation initiatives, wherever possible
.Undertake annual Business Impact Assessment (BIA) exercise for IT business continuity, with various functions for identification of critical applications and their RTO/ RPO. Facilitate setup of new applications in IT Disaster Recovery (DR) site. Ensure and facilitate annual IT DR drills.
II.Data Governance role:
.Rollout enterprise-wide data retention and disposal framework, through implementation of organization policies, processes, related tools and data architecture, to ensure that the data beyond a defined time (which is no longer in use) is disposed of.
.Assist in implementation of retention & disposal framework across IT applications (on prem and on cloud) and end user systems (structured and unstructured data).
.Serve as a liaison between business/ functional teams and IT teams to ensure that data retention framework requirements are met
.Ensure data availability as per the firm’s policy/ requirements – online, archival, backup and redundancy
.Liaison with the IT Infra team to ensure that the required Infra and architecture is maintained to support the above requirements
.Prepare and present periodic status reports/ updates to CISO, CIO and other senior management/ stakeholders
.Help drive continuous improvement and optimization of the processes. Assist in streamlining the related operational processes through automation initiatives.
Skill Requirements:
Equal employment opportunity information KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you. |
Position Type : Full time Type Of Hire : Experienced (relevant combo of work and education) Education Desired : Bachelor...
Apply For This JobJob Description Position Type Full time Type Of Hire Experienced (relevant combo of work and education) Education Desired Bachelor of...
Apply For This JobTechnical Skill Set : PL/SQL, understanding Windows Environment, Active Directory , MS Exchange, MS Office, understanding of application access provisioning,...
Apply For This JobJob Description This role requires a well-rounded cybersecurity professional with expertise in various security domains and the ability to manage...
Apply For This JobJob Description What impact will you make Every day, your work will make an impact that matters, while you thrive...
Apply For This JobWith a startup spirit and 90,000+ curious and courageous minds, we have the expertise to go deep with the world&rsquos...
Apply For This Job