Sr. Associate, Security GRC

About KTSA

We are KTSA – KPMG Technology Services Americas.

A Service Delivery Center of KPMG US, with offices in Mexico City, Guadalajara, and a growing network of remote talent across the country. We deliver high-value technology, consulting, and corporate support services to KPMG US and its clients.

At KTSA, our Employer Value Proposition is clear:
Explore
.

Explore isn't just a word — it's how we grow, lead, and thrive. It's the mindset that drives our culture and shapes every opportunity:

• Experience
  a collaborative, inclusive, and multicultural workplace where you belong.
• Excel
  by creating impact and leaving your mark on global projects.
• Expand
  your potential with real career paths, learning programs, and mentorship.
• Express
  your individuality — come as you are, and thrive as your authentic sel

Key Responsibilities:

• Responsible for the execution of high-level compliance audits following the ISO 27001 and 42001 frameworks.

• Apply a thorough knowledge of risk, compliance, information security and privacy to develop and execute a multi-disciplined IT and Security Risk Management implementation plan, with the ability to enable leadership to make informed, risk-based decisions across disparate categories of risk, e.g., stability, operations, cyber, information handling, physical security, resiliency.

• Build and maintain trust-based relationships with peers and leaders. Evaluate risk reduction and mitigation activities to continually drive towards risk reduction methodologies.

• Analyze the impacts of key risks, define criteria to make risk tradeoffs, and make recommendations to leadership to minimize overall risk posture. Defend KPMG security design and effectiveness capabilities to external entities, as needed.

• Evaluate the changing operating landscape and determine its impact on organizational risks, obligations, and external expectations. Recommend changes to risk approach to ensure consistency with current IT and security best practices.

• Oversee work product(s) and lead small to medium size projects, managing deadlines, expectations, and supervising the work performed by more junior staff; provide coaching, mentoring and feedback to such individuals and will serve as an informal performance manager of a team of junior employees.

• Thorough review of Audit workpapers for their quality, timeliness, completeness and accuracy.

• Responsible for escalation requests for control evidence from identified control owners/operators.

• Responsible for the timely collection, evaluation, acceptance or rejection and feedback of control evidence and artifacts thereof.

Qualifications:

• Bachelor's degree with 3-5 years of IT audit experience within a large professional services environment.

• Experience with ISO Information Security and Privacy) and/or ISO42001 (Artificial Intelligence) evaluation of control, mitigating controls, identification of control deficiencies and facilitation of the remediation processes collaboration preferred.

• Detail oriented with strong verbal and written communication, problem solving, analytical and independent judgment skills to support an environment driven by customer service and teamwork.

• Ability to positively influence and be a credible source of knowledge to peers and other teams.

• Familiarity with the Public Company Accounting Oversight Board (PCAOB), SOC 1/2/3, AICPA, ISO, COBIT, CSA, ITIL and other relative IT and Information Security Frameworks.

• Relevant industry certifications, e.g. CISA, CISM, CISSP, ISO 27001/42001 Lead Auditor (optional).

And because we know that thriving at work also means thriving in life, we back this mindset with
KTSAMÁS
, our total rewards program, designed to support your well-being, goals, and personal milestones.

Expand your possibilities with KTSA through KTSAMÁS, where you can access:

• Extended maternity, paternity, and adoption leaves
• Above-market vacation benefits
• Hybrid work model
• Learning opportunities, training, and certification programs
• Extended marriage leave and daycare support
• Wellness and Employee Assistance Programs (EAP)
• Comprehensive medical plan, life insurance, car insurance, and funeral assistance

Visit to learn more.

At KTSA, we celebrate and support everyone's individuality. We do not discriminate against any race, religion, color, national origin, gender, sexual orientation, gender identity or expression, age, marital status, or disability. We are supportive of helping you to achieve a balance between your home and work demands. We are happy to discuss specific requirements and our range of flexible working arrangements could be of interest. Please ask to find out more. We strongly state that we DO NOT require a certificate of non-pregnancy or HIV in order to participate in any of our processes.

Explore KTSA, we dare to be different

Home - KTSA

KTSA - KPMG Technology Services of Americas