SOC2 Attestation Senior Manager - KPMG

Location: Amstelveen, London

The role
The KPMG International Information Protection Group (IPG) focuses on improving security, privacy and data rights management across the network of KPMG member firms. The Global Attestation System and Organization Controls 2 (SOC2) team manages independent attestation efforts that help demonstrate adherence of Global KPMG solutions to risk and security standards and build cybersecurity and client trust.

Responsibilities and Tasks

  • This position will provide attestation support to a global IT services group related to producing System and Organization Controls 2 (SOC2) Type 2 attestation reports, particularly for IT controls. In addition, the successful candidate will complete general information protection and IT controls compliance activities, including supporting business areas in interpretation of frameworks, control design, support of internal and external audits, responding to audit findings, process improvements and other activities to manage and extend the IT control environment.
  • Form strong collaborative and advisory relationships with SOC2 report owners, business and IT stakeholders to become a trusted source of compliance information and direction
  • Provide leading practice and current guidance to SOC2 report owners in appropriately developing and maintaining their SOC2 reports, particularly as report standards change
  • Work closely with IT and business stakeholders to clarify compliance requirements and drive implementation of process improvements.
  • Continue to develop and communicate the SOC2 report governance processes
  • Plan for and coordinate multiple SOC2 readiness and attestation streams for multiple business lines
  • Assist in ensuring that IT controls are appropriately designed and effective
  • Coordinate and schedule auditors, and track and report on progress. Maintain close supervision of independent service auditors through the audit process and provide updates to report owners.
  • Assist in gathering and tracking appropriate evidence to support IT controls.
  • Support process owners with documenting remediation plans and target dates for completion. Manage remediation processes for audit findings and process issues. Identify and manage relevant documentation, risk assessments and past audit findings.
  • Deliver SOC2 report program reporting utilizing tools to track planning, scheduling, issues, risks and overall status of compliance efforts.
  • Perform analysis on SOC2 report results to strengthen reports year over year
  • Participate in broader external compliance communities to keep up with industry leading practices and emerging trends
  • Continually work to identify methods to simplify the audit process for IT resources
  • Support project reporting activities to track planning, scheduling, issues, risks and overall status of attestation and compliance efforts.

The profile
Management and Competencies

  • Very good knowledge of SSAE 18 Service Organization Control (SOC) 1 / SOC 2 attestation standards, reporting requirements and audit procedures
  • Experience coordinating and overseeing SOC reporting audits and reviewing SOC reports
  • Strong knowledge of IT and IT operations, especially cloud-based
  • Excellent business process analysis and report writing skills
  • Capable of critical thinking and executing plans into action
  • Good communicator with strong presentation skills
  • Experienced working in multi-cultural environments and sensitive to different business cultures
  • Strong ability to multi-task and work independently within a global team
  • Methodical approach to work, attention to detail and delivery of high quality results

Education & Qualifications

  • Minimum of 4 to 6 years of experience, with at least 4 years of information protection assessment and attestation experience within a corporate environment (global companies preferred)
  • Bachelor’s degree from an accredited college / university (preferably in Computer Science, Computer Engineering, Information Security, Management Information Systems or other relevant field) – Masters (post-graduate) degree a plus
  • Strong experience performing SOC2 Type 2, SOX, internal or external audit, including supervisory experience
  • Professional information security audit / assessment and information security management certifications preferred, such as CISA, CISM, CISSP, ISO 27001 Auditor
  • Hold a valid passport and able to travel periodically on business assignments
  • Fluent in English, other languages spoken a plus, such as Spanish, French, Mandarin

Our offer
KPMG is an international network of companies with personal attention for employees. We have a strong market position. Our people work closely together on a daily basis in a pleasant and stimulating environment where we provide services to domestic and international clients. Personal development is central to KPMG. Through targeted training, education and coaching, we help our employees to excel and get the best out of themselves.
We offer you an excellent package of primary and secondary benefits (laptop, smartphone, reimbursement of expenses and non-contributory pension), which are tailored to the latest developments in the market.

More information and applying
For more information about the application procedure, you can contact the responsible recruiter. Apply directly? Then click on the 'apply' button below.

Information and application:


Please send your application for SOC2 Attestation Senior Manager at KPMG in Amstelveen, London, including your CV, via our website.

Job posted

20 November 2018

More information:

Niels Schelleman
Senior recruiter Technology and Risk & Compliance
t. (020) 656 7193
