Security Remediations Support Analyst

  • Anywhere


Job description
Role and Responsibilities

Working as part of the KPMG Assurance and Remediation team within Information Assurance, you will play a key role in ensuring that the business and IT systems are protected and secure.

The Security Remediation team supports Information Technology and business teams in a timely manner, addressing information control deficiencies and findings originating from external audits and internal audits/assessments.

The service manages and oversees the findings/deviations process, reports progress on addressing findings, chases findings owners to ensure that remediation progresses, and provides expertise to support the business in defining or remediating appropriate controls or remediation plans in order to close findings.

The role requires close co-operation with all KPMG teams.

The responsibilities of the role include:

• Manage and maintain the findings register.
• Analyse and consolidate findings, document and recommend project activities to address complex or grouped findings.
• Manage the risk acceptance process for findings.
• Chase findings owners to ensure that remediation plans are defined, updated and executed.
• Escalate findings where necessary to senior colleagues.
• Act as the first line of support for defining appropriate remediation plans and controls to close findings.
• Regularly report progress on addressing and closing findings to senior management and to findings owners.
• Support the team with more complex remediation activities.
• Verify and validate that findings are closed and log evidence, where required.
• Support the External Security Compliance team and the Controls Assurance teams in providing status updates on findings closure.
• Maintain and build good relationships across the wider team and share information to support the broader aims of Information Security.
• Demonstrate excellent project management skills, promote teamwork and individual accountability with engagement team members, and use available technology, tools, and KPMG Information Security assets to enhance the effectiveness of deliverables and services.
• Provide support to other areas of Assurance and Remediation as required.

Experience and Background

• Minimum 2 years’ experience working in an Information Security role.
• Knowledge of IT and Information Security controls.
• Good working knowledge of information security standards (e.g. Cyber Essentials, ISF Standard of Good Practice for Information Security, ISO 27001, NIST Cybersecurity Framework, CIS Top 20 Controls).
• Understanding and knowledge of risk management and remediation approaches.
• Ability to work with multi-stakeholder environments to monitor, report on and analyse remediations.
• Good written and verbal communication and presentation skills, teamwork, and customer service skills.
• Working knowledge of techniques for planning, monitoring, data analysis and reporting.
• Technical knowledge of IT/digital systems and infrastructure.
• Proven Project Management skills.
• Ability to work in high-demand, busy environments.
• Ability to quickly learn new technologies and systems.
• A methodical approach with accuracy is essential.
• Ability to develop and maintain effective working relationships with members of the different KPMG teams in the UK, and globally.
• Experienced in a wide base of technology and toolsets.

• Ability to develop and leverage strong relationships with internal and external stakeholders.
• Self-motivated, working independently, managing own workload.
• Ethical, with the ability to remain impartial and report all non-compliances.
• Organisational skills with attention to detail.
• Flexible and willing to travel overseas on business.

To apply for this job please visit
