Manager- Operational and Security Compliance

Security and Operational Compliance is a key part of KPMG’s strategy and is a crucial part of everything we do. KPMG’s Security and Operational Compliance Centre of Excellence (CoE) was established to provide central support for enabling and maintaining Security and Operational ISO standards as part of our day-to-day operations.

The role will primarily lead the Governance, Risk and Compliance for Operational ISO Standards: ISO9001 (Quality Management), ISO14001 (Environmental Management), ISO45001 (Occupational Health and Safety), which are critical to ensuring the Firm meets its objectives as well as its legal, regulatory and compliance obligations.

The role will also involve assisting with the Governance, Risk and Compliance for other ISO Standards: ISO27001 (Information Security), ISO27017 (Cloud Security), ISO42001 (Artificial Intelligence) and other related work.

We are interested in a Manager level individual with 3-5 years of experience to join our national Security and Operational Compliance Centre of Excellence. The CoE is the coordination and reporting point for all matters directed by the Governance, Regulation and Compliance sub-committee of the National Executive Committee (NEC).

The role reports to the Director, Head of Security and Operational Compliance.

Ideally, we need someone with experience in Security and Operational Governance, Risk & Compliance, ISO standard compliance programs, monitoring, controls, and regulatory compliance. Strong stakeholder engagement and influencing skills are essential as is the ability to work in a fast-paced and ever-changing environment.

Your new role

This role will focus on working with teams from across KPMG’s divisions to enable and maintain the required annual certifications for Security and Operational ISO Standards ISO27001, ISO27017, ISO42001, ISO9001, ISO14001 and ISO45001.

• Managing ISO audits, monitoring, governance, compliance, audit and assurance activities
• Coordinating all ISO certification-related activities
• Supporting the design, development, training, maintenance and assurance of Security and Operational Policies and Standards  
• Being flexible and assisting with any other activities required

Projects, Governance, Controls & Change

• Oversee controls implementation, enhancement and maturity uplift
• Working with process owners to implement ISO Controls
• Assisting with implementing ServiceNow’s Integrated Risk Management (IRM) platform
• Coordinating remediation projects

Compliance, Assurance & Audits

• Coordinating with the first line of defence in implementing controls testing
• Controls reporting
• Operational ISO Assurance support
• Facilitate all Operational ISO committees’ planning and reporting
• Coordinating Internal & External Audits

We are interested in hearing from people who have:

• An absolute passion for Operational Risk, Security Compliance, Governance, Risk & Compliance
• Backgrounds in Operational Risk, Governance, Risk & Compliance, Controls & Monitoring.