Senior Consultant - IT Risk Services

at  KPMG

Overview:
At KPMG, you’ll join a team of diverse and dedicated problem solvers, connected by a common cause: turning insight into opportunity for clients and communities around the world.
Are you a talented individual with a proven track record on executing project deliverables.
Our Technology Risk Services team is growing and we are looking for a Senior Consultant to join our team in Toronto. The Technology Risk Services practice provides a variety of services to our clients. The successful candidate will focus primarily on performing IT internal audit and IT risk advisory engagements.

What you will do:

• Conducting assessments of IT risks and controls in support of internal and external audit and advisory engagements, related to for instance:
• Internal controls over financial reporting
• IT risk and maturity assessment
• IT projects and system implementations.
• Access Management
• IT governance reviews
• IT Third party risk management.
• Business continuity and disaster recovery
• Cloud security
• Data governance assessments and reviews
• ERP controls and security
• Responsible AI and governance
• Managing engagements end-to-end, overseeing teams and managing clients.
• Developing risk and control matrices and reviewing procedures.
• Engagement risk management: quality assurance through file review, engagement planning, development and monitoring, engagement profitability
• Simultaneously deliver multiple client engagements of varying size, scope and complexity.
• Business development: taking an active role in the business community to increase awareness of the firm’s services and level of commitment to the local market, developing and maturing relationships with internal staff and clients, developing proposals, identifying and pursuing opportunities to increase the practice’s penetration in the public and private sector.
• Service Delivery: conducting research, performing technical testing, writing reports, conducting interviews and communicating regularly with clients and resources.
• Leading field engagement teams as well as coaching and mentoring junior staff members.

What you bring to this role:

A successful candidate will possess a mix of the following skills and behaviors:

• Bachelor’s or Masters degree in Business, Information technology, Data Science or Computer Science degree required
• Completion of relevant certifications (e.g., CISA, CRISC, CGEIT, ISO27001).
• 2 to 5 years of relevant experience in assessing information technology or business process risk ideally within a large consulting practice.
• Strong understanding and experience with IT risk management and assessments in different capacities (e.g. advisor, internal/external audits, implementor).
• Experience in the testing of controls in different IT environments.
• Experience with IT audits (e.g. financial statement audit support, SOX audit, 52-109, etc.)
• Ability to work both independently, with little supervision and within a team environment.
• Excellent written and oral communication skills, able to effectively express insights.
• Demonstrated ability to learn and succeed in a fast-paced environment.
• Attention to detail and strong organization and analytical skills.
• Strong understanding of business and audit risks.
• Has a high degree of personal confidence, enthusiasm and drive. Willingness and ability to travel both within Canada and internationally.

• Conducting assessments of IT risks and controls in support of internal and external audit and advisory engagements, related to for instance:
• Internal controls over financial reporting
• IT risk and maturity assessment
• IT projects and system implementations.
• Access Management
• IT governance reviews
• IT Third party risk management.
• Business continuity and disaster recovery
• Cloud security
• Data governance assessments and reviews
• ERP controls and security
• Responsible AI and governance
• Managing engagements end-to-end, overseeing teams and managing clients.
• Developing risk and control matrices and reviewing procedures.
• Engagement risk management: quality assurance through file review, engagement planning, development and monitoring, engagement profitability
• Simultaneously deliver multiple client engagements of varying size, scope and complexity.
• Business development: taking an active role in the business community to increase awareness of the firm’s services and level of commitment to the local market, developing and maturing relationships with internal staff and clients, developing proposals, identifying and pursuing opportunities to increase the practice’s penetration in the public and private sector.
• Service Delivery: conducting research, performing technical testing, writing reports, conducting interviews and communicating regularly with clients and resources.
• Leading field engagement teams as well as coaching and mentoring junior staff members