Senior Manager Information Protection Group @ KPMG China
Your Application Journey
Email Hiring Manager
Job Details
Senior Manager Information Protection Group
KPMG China offers multidisciplinary services in audit, tax, and advisory, with an emphasis on client needs and corporate responsibility. Our Information Protection Group (IPG) is part of Quality & Risk Management (Q&RM) dedicated to addressing information security, privacy, and data management challenges.
Service Line Overview
The IPG is responsible for managing internal/external audits and ensuring compliance with information security laws and standards across Chinese Mainland, Hong Kong, and Macao. You will help translate insights into action while balancing business needs with robust security requirements.
Key Responsibilities
- Manage internal and external audits and compliance reviews (ISO27001, ISO27017, ISO27701).
- Ensure adherence to firm policies and applicable security regulations.
- Handle queries from business units and regulators.
- Deliver balanced security recommendations and support business strategy.
- Collaborate with IT, technology groups, and business teams.
Experience & Background
Minimum 10 years of experience in information security with 5+ years in a managerial role; Big 4 experience is a plus. Academic background in IT, Computer Science or related field and professional certifications (CISM, CISA, CISSP) are highly preferred. Hands-on experience with ISO standards and China’s MLPS 2.0 is beneficial.
About KPMG China
KPMG China is committed to diversity, ESG initiatives, and creating an inclusive work environment. We invite all qualified candidates to apply and unlock opportunities with us.
Key skills/competency
- Information Security
- Audit
- Compliance
- ISO27001
- Risk Management
- Leadership
- Stakeholder Management
- Data Protection
- Security Frameworks
- Communication
How to Get Hired at KPMG China
🎯 Tips for Getting Hired
- Research KPMG China's culture: Understand their mission, values, and ESG efforts.
- Customize your resume: Highlight audit and compliance achievements.
- Showcase certifications: Emphasize CISM, CISA, and CISSP credentials.
- Prepare for interviews: Focus on regulatory and risk management experiences.