Manager, Information Security, Data Risk Management and Internal Audit
Date: Dec 12, 2024
Location: Ho Chi Minh, VN Ha Noi, VN
Company: KPMG Viet Nam
Job Code: KPMG-2024-1323
About Us
KPMG is a global network of independent member firms offering Audit, Tax, Legal, Advisory and Consulting services. The firms work closely with clients, helping them to mitigate risks and grasp opportunities.
In Vietnam & Cambodia, KPMG is one of the largest professional firms with offices in Ho Chi Minh city, Hanoi, Danang and PhnomPenh. Established since 1994, we have 30 years of experience with more than 2,000 professionals.
We lead with a commitment to quality and consistency across our global network, bringing a passion for client success and a purpose to serve and improve the communities in which member firms operate. In a world where rapid change and unprecedented disruption are the new normal, we Inspire Confidence and Empower Change in all we do.
Our services
KPMG in Vietnam provides a holistic approach to risk to help your risk framework align to your business agenda, especially as people prepare to drive sustainable growth into their business in an environment where trust and credibility are critical to success. We work to protect and enhance business value by helping you manage risk in an agile and effective way, cut costs and improve business performance. We believe risk and compliance is more than a box-ticking exercise – it is a critical investment that can underpin an organization’s long-term growth, value and sustainability.
Our team of risk professionals comprises specialist individuals and teams dedicated to providing timely and practical advice, drawing on KPMG in Vietnam's advisory services that include a range of both holistic and specialist risk services.
Key Responsibilities
Actively support business development and project execution for Risk Consulting services with assignments relating to information security and data risk management, including but not limited to:
• Internal audit on ITGC/ITAC and key IT processes
• Risk assessment and responses on IT security, information security
• ISMS framework development and implementation, in lines with standards such as NIST, COBIT, ISO27001
• Business Continuity Management, in lines with ISO 22301
• D&A and AI/ML governance and risk management
• Trainings on information security and data risk
Work closely with risk professionals across Risk Consulting practices to provide the technology enablement supports for risk function transformation, including but not limited to development of BRD and oversight on implementation for systems and/or tools that facilitate risk functioning such as e-GRC, early warning and indicators monitoring, KYC/screening, transaction monitoring, investigations, data privacy management, ESG reporting and emission accounting.
Supervise and review the work of other team members, providing coaching and support, and managing their technical performance.
Requirements & Skills preferred
Requirements:
• Solid experience in technical aspects of data security, internal controls, information security, IT risk management and internal audits
• Familiar with leading practices and standards relating to information security and data risk
• Good teamwork and communication skills to establish and maintain business relationships
• Knowledge of how to create proposals and present effectively
• Logical thinking and efficient handling of workload.
Skills preferred:
• A minimum of 5 years of hands-on experience in internal audits (focusing IT internal audit is preferable), IS/IT security reviews and data risk management
• A bachelor’s or master’s degree in IT
• CISA is required• One or more of the following certifications will be an advantage: CCNA, CISSP, CEH, CISM, CRISC, ITIL, Certified ISO27001 Lead Auditor, PMP.
• Good knowledge on leading practices and standards
• Extra experience in BCM, AI/ML governance, e-GRC and risk technology are advantages
How to Apply
Click 'Apply now' or send your application to vnrecruiting@kpmg.com.vn
Only shortlisted candidates will be contacted.