Outsourcing Risk Management – Assistant Manager / Manager
Outsourcing Risk Management – Assistant Manager / ManagerKPMG Information Protection & Business Resiliency (IPBR) Advisory professionals assist clients to protect the confidentiality, integrity and availability of their IT infrastructure/ application systems and data.
To join a growing team to assist clients in the Financial Services sector with their outsourcing governance and risk management challenges and recommending / implementing improvements to outsourcing/vendor risk management processes and practices controls to better manage risks. Provide clients with consultancy concerning outsourcing/vendor/3 rd part risk management topics covering outsourcing governance frameworks, outsourcing /vendor assurance, IT security governance & controls, data protection/privacy/classification, etc. Applicants will apply their knowledge of operational and IT risk concepts and industry practice standards/ISO standards, or understanding of local and regional regulations (e.g. MAS and HKMA) to help clients better manage their operational/outsourcing and IT risks.
The successful candidate will have the following responsibilities:
• working in a collaborative team to deliver governance & risk, regulatory and compliance advisory services, as well as to implement solutions to address client challenges/problems
• identifying and resolving complex issues and develop innovative solutions for clients
• supporting the development of recommendations and presentations for client engagements
• working with high profile clients on a variety of local and international engagements
Personality traits leading to a good fit into the team include independence, innovative and resourceful thinking with strong interpersonal, organisational, presentation and report writing skills. A naturally inquisitive mind with an ability to think "outside the box" is preferred.
The role involves:
• Planning and executing the day-to-day activities of advisory/ consulting engagements for a variety of clients, to address clients' needs on outsourcing/vendor risks
• Evaluating the design and effectiveness of management controls and operational/outsourcing governance & risk management practices supporting the client's business and operations
• Supervising and providing performance management for staff working on assigned engagements
• Identifying and communicating gaps to senior management and clients, as well as providing advice on improvement opportunities for clients
The ideal candidate should demonstrate the following:
• Technical applied experience working in one or more of these domains - Outsourcing/Vendor Risk Governance and Risk Management, good understanding on business/operational risks, IT Risk Management, IT Audit, Corporate Governance, or Regulations (MAS and other Regulators)
Have a good working knowledge of information security principles, techniques and standards • • Soft skills - communication (written & verbal), client-centric, strong analytical & problem solving skills, team player
• Prefer banking or insurance industry experience
• A recognised degree in a Technology related or relevant field, such as Information Technology, Commerce/Business with major in Information Systems, Computer Science, or Engineering (Electronics/Computer), or related disciplines
• Recognised certification in an IT Risk or Business related field (desirable but not mandatory): CISA, CRISC, PMP, CPA
• Minimum 3 years of relevant experience for Senior Associate
• Minimum 4 years of relevant experience for Assistant Manager
• At least 5-6 years of relevant experience for Manager