Manager, Cyber Security - ServiceNow GRC

KPMG is currently seeking a Manager, Cyber Security - Cyber GRC / ServiceNow IRM to join our Cyber Security organization

Responsibilities

• Experience in guiding clients and developing their Cyber GRC vision, strategy, and implementation roadmap
• Experience demonstrating out of the box capabilities within ServiceNow IRM/GRC, ServiceNow SecOps, and/or OneTrust and aligning those capabilities against client's objectives
• Experience designing, architecting and implementing Cybersecurity, Cyber Risk, SecOps and GRC / IRM programs and technology platforms in one or more of the following areas: Policy and Compliance, Risk, Vendor Risk, Business Continuity, Data Privacy, Issues Management, Vulnerability Response and Security Incident Response
• Oversee implementation of one or more applications in ServiceNow IRM/GRC, ServiceNow SecOps, or OneTrust GRC supporting Cybersecurity and Cyber GRC programs
• Experience with agile and scrum methodology, creating process designs and technical designs, defining user stories, working with a diverse development teams in multiple geographies, leading user acceptance testing (UAT), and providing the necessary end-user training to deliver the proposed solution to the highest caliber
• Facilitate requirements gathering, scrum, sprints, testing, and deployment by working directly with clients
• Actively participate in practice development such as innovate solutions to complex problems, knowledge management and work towards building a strong Cyber GRC community.

Qualifications:

• A minimum of five years' experience in the field of Cybersecurity, Cyber Risk and GRC with a strong working knowledge of ServiceNow and/or OneTrust GRC;
• Bachelor's degree from an accredited college/university or equivalent professional experience;
• Certifications in any of the following: ServiceNow Certified System Administrator (required for candidates with ServiceNow experience);ServiceNow CIS certification in IRM in either: Risk and Compliance, Vendor Risk Management OneTrust GRC Professional Certification ServiceNow CIS certification in SecOps in either; Security Incident Response or Vulnerability Response (a plus)
• Solid competencies in processes related to Cyber GRC domain including Security Policy Management, Security Compliance Management, Cyber Risk, Vendor Security Risk, Business Continuity, Data Privacy Vulnerability Management, Security Incident Response Management and / or Issues Management
• Competency in security frameworks including NIST CSF, NIST 800-53, ISO 27001, HIPAA, PCI, SOX
• Competency in Unified Controls Framework (UCF) and mapping to common controls
• Experience with security tools such as Nessus, Rapid 7, Tanium, Qualys, Splunk, QRadar, LogRhythm, etc. is a plus
• Demonstrable interpersonal, facilitation and presentation skills to help clients navigate through complex cybersecurity and GRC challenges
• Ability and Willingness to Travel