Professional Risk Manager Jobs in Calgary, AB (NOW HIRING)

At KPMG in Canada, our people bring their unique perspectives to Canada’s most important challenges. Here, you can build momentum that reaches beyond our business, develop skills for the future, and take ownership of your career with support at every stage. Join a firm where your career can make a difference.

Our Calgary team is looking for highly motivated Cyber Security professionals at the Manager/Senior Manager level to join our team! As a member of KPMG Canada’s cross-functional Cyber team, you will be dedicated to enabling our clients' cyber transformation journey through service delivery leadership, advisory, and support.

 A career within our Cybersecurity services practice will provide you with the opportunity to help our clients design, implement, optimize and sustain effective Cybersecurity programs that protect against threats, propels transformation, and drives growth. As companies pivot toward a digital business model, exponentially more data is generated and shared among organizations, partners and customers. We play an integral role in helping our clients ensure they are protected by developing transformation strategies focused on security, efficiently integrate and manage new or existing technology systems to deliver continuous operational improvements and increase their return on cybersecurity investments, and detect, respond to, and remediate threats.

KPMG’s Cyber team has received tremendous investment and has been identified as a transformational part of the firm to deliver growth over the next five years. This is an excellent opportunity for those that are looking to stay ahead of the curve and work in a firm with unparalleled career progression opportunities.

You will work as part of a team of problem solvers with extensive consulting and industry experience, helping our clients solve their complex business issues from strategy to execution. Specific responsibilities include but are not limited to:

• Leadership, oversight, and successful delivery of cyber security transformation engagements serving multiple clients across various industries
• Understand our clients' key cybersecurity challenges and opportunities, and advise/ propose practical and cost-effective solutions to address them and to effectively manage risk across multiple layers of the technology architecture stack
• Hands-on participation in the digital and technical aspects of engagements including design and implementation
• Champion one or more technical service offerings such as threat risk assessments, threat modeling, identity access management, IT asset and vulnerability management, cyber maturity assessments and transformation roadmap development and execution
• Active involvement in the business development activities such as participating in the local business community and developing relationships with clients to increase awareness of the firm’s services. Identifying and assisting in pursuits including developing marketing materials, proposals, presentations and research
• Contribute to team development through engaged mentorship and knowledge sharing to help team members grow their consulting skills, professional brand, and technical acumen. Manage the performance and development of team members
• Work collaboratively across KPMG service lines to provide holistic support to our clients
• Engage in and contribute to the innovation, growth and enhancement of KPMG Cyber services.
• Establish and maintain effective working relationships with colleagues, existing clients, and prospective client organizations

• Experience in cyber security consulting and/or technology consulting or operations, including recommending applicable cyber security solutions within mid to large level organizations.
• Bachelors or Diploma required.
• Proven experience in defining and/or implementing security controls across multiple layers of the technology architecture stack.
• Interpreting and applying the requirements of appropriate standards (e.g., NIST, ISO, OSFI, ISF), policies, regulatory requirements and threat/risk assessment in the definition of enterprise security strategy.
• Designing and updating cybersecurity strategies, roadmaps, and target operating models.
• Industry relevant designations such as CISSP, CISA, CISM, CRISC, ITIL, PCI QSA, CIPP/C, TOGAF, or SABSA an asset;
• Strong knowledge of security risk management practices including security architecture, vulnerability and patch management, identity access management (IAM), cloud security, privacy, etc.
• Experience implementing business resilience strategies to manage the impact of a cyber incidents, including designing and updating cybersecurity strategies, roadmaps, and target operating models within a business context.
• Experience effectively communicating and presenting cyber security strategies, solutions, and insights to stakeholders at various levels.
• Experience developing reports in a clear, organized structure, catering to a mix of technical and business/managerial stakeholders.

Providing you with the support you need to be at your best

Integrity, we do what is right | Excellence, we never stop learning and improving | Courage, we think and act boldly | Together, we respect each other and draw strength from our differences | For Better, we do what matters

KPMG in Canada is a proud equal opportunities employer and we are committed to creating a respectful, inclusive and barrier-free workplace that allows all of our people to reach their full potential. A diverse workforce is key to our success and we believe in bringing your whole self to work. We welcome all qualified candidates to apply and hope you will choose KPMG in Canada as your employer of choice.

Adjustments and accommodations throughout the recruitment process

At KPMG, we are committed to fostering an inclusive recruitment process where all candidates can be themselves and excel. We aim to provide a positive experience and are prepared to offer adjustments or accommodations to help you perform at your best. Adjustments (informal requests), such as extra preparation time or the option for micro breaks during interviews, and accommodations (formal requests), such as accessible communication supports or technology aids, are tailored to individual needs and role requirements. You will have an opportunity to request an adjustment or accommodation at any point throughout the recruitment process. If you require support, please contact KPMG’s Employee Relations Service team by calling 1-888-466-4778.

AI Usage

Weembrace the use of artificial intelligence (AI) to enhance the candidate experience and streamline our recruitment processes. AI tools may help with organizing applications or surfacing relevant qualifications. However, no hiring decisions are made using AI. Every hiring decision is made by our hiring managers and recruitment professionals, who are equipped with training that empowers them to use these tools responsibly. AI technologies used in our recruitment process undergo detailed risk assessments, including security and privacy requirements, that align with KPMG’s Trusted AI framework.

We believe technology should empower human judgment, not replace it. It’s one of the many ways we’re delivering on our vision of being a technology-first, people-driven firm.

• Experience in cyber security consulting and/or technology consulting or operations, including recommending applicable cyber security solutions within mid to large level organizations.
• Bachelors or Diploma required.
• Proven experience in defining and/or implementing security controls across multiple layers of the technology architecture stack.
• Interpreting and applying the requirements of appropriate standards (e.g., NIST, ISO, OSFI, ISF), policies, regulatory requirements and threat/risk assessment in the definition of enterprise security strategy.
• Designing and updating cybersecurity strategies, roadmaps, and target operating models.
• Industry relevant designations such as CISSP, CISA, CISM, CRISC, ITIL, PCI QSA, CIPP/C, TOGAF, or SABSA an asset;
• Strong knowledge of security risk management practices including security architecture, vulnerability and patch management, identity access management (IAM), cloud security, privacy, etc.
• Experience implementing business resilience strategies to manage the impact of a cyber incidents, including designing and updating cybersecurity strategies, roadmaps, and target operating models within a business context.
• Experience effectively communicating and presenting cyber security strategies, solutions, and insights to stakeholders at various levels.
• Experience developing reports in a clear, organized structure, catering to a mix of technical and business/managerial stakeholders.

Providing you with the support you need to be at your best