string(4) "2894" string(0) "" Cloud/IT Associate – Associate/Senior Associate KPMG San Francisco, CA (Salary Not Disclosed) | Common Controls Hub


Cloud/IT Associate - Associate/Senior Associate KPMG San Francisco, CA (Salary Not Disclosed)

January 7, 2019

KPMG is currently seeking a Cloud/IT Associate - Associate/Senior Associate in Risk Assurance - IT Audit and Assurance for our KPMG Risk Consulting practice.


  • Act as a key member of the Cloud and Security Assurance team who will play an important role in the growth of our practice
  • Analyze and effectively assess cloud operational and security processes for varied client scenarios and provide creative and pragmatic recommendations to address complex problems
  • Assist with the review of commercial and/or enterprise encryption solutions/programs and provide controls assessment and enhancement assistance based on industry leading practices
  • Plan and execute the day-to-day activities of IT advisory and assurance engagements such as SOC2/SOC3 attestations, ISO 27001 readiness assessments, ISMS reviews, and SSAE 16 readiness assessments
  • Evaluate the design and effectiveness of technology controls throughout the business cycle
  • Identify and communicate findings to senior management and clients

Additional Responsibilities for Senior Associate:

  • Help identify performance improvement opportunities for assigned clients
  • Supervise and lead engagement teams and provide team oversight
  • Participate and make an effective contribution in thought leadership and innovation initiatives


  • Minimum of two years of experience in information technology management, auditing, or security
  • Bachelor's degree in an appropriate field from an accredited college/university
  • Demonstrated ability to analyze and assess different cloud technologies and control environments
  • Strong knowledge of common security frameworks and industry standards such as ISO 27001, PCI, SOC2/SOC3, NIST 800 series, NIST Cybersecurity Framework, WebTrust/SysTrust, WebTrust for Certification Authorities, and Cloud Security Alliance Controls Matrix
  • Demonstrated technical knowledge in several of the following domains: network security, PKI and encryption, digital certificates, cryptographic key management, virtualization, cloud computing, operating system and database security, business continuity management, unified compliance programs, and privacy programs
  • CISSP or CISA Certification(s) is preferred

For More Info, Go To:,CA?ojob=7e1fd863a45328c138655fa2f32c5b39