Senior Associate, Security Governance and Compliance (...

Join KPMG, a recognized leader in audit, tax, and advisory services, known for fostering a supportive and rewarding work culture. As we continue to grow through delivering exceptional results for our clients, we invite you to be part of our success story. Our inclusive environment champions individual development, embraces innovation, and strengthens our communities, making KPMG consistently ranked among the top employers by various prestigious organizations. We are looking for a passionate and experienced Senior Associate in Security Governance, Risk, and Compliance (Audit) to join our Enterprise Security Services team. This position offers the flexibility of remote work, allowing you to contribute significantly while enjoying work-life balance. Responsibilities: Lead high-level compliance audits using the ISO 27001 and 42001 frameworks. Utilize your expertise in risk management and compliance to advance an IT and Security Risk Management implementation plan that helps leadership make informed, risk-based decisions across various risk categories. Foster trust-based relationships with colleagues and leadership, aiming to enhance risk reduction and mitigation strategies. Develop and maintain quality Audit workpapers, ensuring they are timely, complete, and accurate. Effectively collect, evaluate, and provide feedback on control evidence and related artifacts promptly. Uphold KPMG’s values of integrity, professionalism, and personal responsibility within a respectful work environment. Qualifications: A minimum of three years of recent experience in IT audit within a sizable professional services organization. Preferred: A bachelor's degree from an accredited institution and relevant industry certifications (e.g., CISA, CISM, CISSP, ISO 27001/42001 Lead Auditor). Experience with evaluating controls and mitigating factors related to ISO 27001 and/or ISO 42001 is a plus. Strong attention to detail, coupled with excellent verbal and written communication, problem-solving, analytical, and independent judgment skills. Ability to positively influence peers and act as a credible source of knowledge across teams. Familiarity with key IT and Information Security Frameworks such as PCAOB, SOC, AICPA, ISO, COBIT, CSA, and ITIL. Applicants must be legally authorized to work in the U.S. without requiring employment-based visa sponsorship now or in the future. KPMG offers a competitive compensation and benefits package, including various medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and extensive personal well-being benefits. KPMG believes in work-life balance, providing personal time off, annual holidays, and additional breaks throughout the year. We invite you to apply and play a critical role in our success at KPMG. Your journey with us starts here!

Created: 2026-03-06