At a Glance
- Tasks: Lead and enhance IT security controls across various domains, including AI.
- Company: Join KPMG UK, a global leader in professional services.
- Benefits: Hybrid work model, competitive pay, and opportunities for professional growth.
- Why this job: Make a real impact on security and privacy in a dynamic environment.
- Qualifications: Expertise in IT security, audit programmes, and strong leadership skills required.
- Other info: 12-month contract with excellent career advancement opportunities.
The predicted salary is between £48,000 and £72,000 per year.
Duration: 12 months from start date (ASAP)
Location: London (hybrid)
(ALL KPMG UK CONTINGENT WORKERS MUST RESIDE AND HAVE PROOF OF RIGHTS TO WORK IN THE UK)
Role Overview
We’re seeking an experienced IT & Security Controls Manager to lead and mature our assurance activities across information protection, security, privacy, and technology risk (including AI) domains. You will lead on programme enhancement, maturation and control development, and act as a trusted advisor to stakeholders.
Responsibilities
- Plan and lead control test development across information protection, security, technology (including AI) and privacy domains, ensuring clear linkage to audit/assurance objectives and programme requirements.
- Interpret audit programme requirements and identify maturation opportunities while ensuring alignment to policy, standard and framework requirements (e.g., ISO/IEC 27001/27701, NIST CSF/800‑53, COBIT, PCI DSS where relevant).
- Engage and consult with stakeholders across key domains (e.g., technology, security, data, privacy, risk, delivery).
- Training development: develop enhanced training and materials for audit teams in support of the enhanced audit programme and control test steps.
- Contribute to the enhanced audit programme roll‑out: participate in strategic planning and audit programme socialization and roll‑out, inclusive of newly created test steps.
Qualifications
- Deep SME expertise in information protection controls assessment, security, technology (including AI considerations) and privacy — operating at senior associate/manager level.
- Proven GITC/ITGC testing expertise and hands‑on control assessment leadership across apps, infra, and data platforms.
- Experience implementing & interpreting audit programmes, translating requirements into executable workpapers and evidence standards.
- Track record designing/maturing assurance programmes (frameworks, methods, test suites, tooling, and reporting).
- Strong working knowledge of security and privacy frameworks (e.g., ISO 27001/27701, NIST, COBIT, SOC reporting contexts, GDPR principles).
- Excellent leadership & delivery skills managing multi‑disciplinary reviews through to closure.
- Outstanding communication — clear reports, defensible findings, constructive challenge with senior stakeholders.
- Experience with automation of control testing, evidence collection tooling, or analytics to improve coverage/efficiency.
- Familiarity with cloud control baselines (Azure/AWS), identity & access management, privileged access, logging/monitoring, and third‑party risk.
- Understanding of AI/ML control themes (model lifecycle governance, data lineage, bias/ethics, monitoring).
- Professional certifications (e.g., CISM, CISSP, CISA, ISO 27001 Lead Auditor/Implementer, IAPP).
About KPMG
KPMG is part of a global network of firms that offers Audit, Tax & Legal, Consulting, Deal Advisory and Technology services. Through the talent of over 16,000 colleagues, we bring our creativity and insight to our clients’ most critical challenges. With offices across the UK, we work with everyone from small start‑ups and individuals to major multinationals, in virtually every industry imaginable. Our work is often complex, yet our vision is simple: to be the clear choice for our clients, for our people and for the communities we work in.
Job Details
- Seniority level: Mid‑Senior level
- Employment type: Contract
- Job function: Information Technology
- Industries: Professional Services
- Location: London, United Kingdom
- Duration: 12 months
IT & Security Controls Manager in England
Employer: KPMG UK
Contact Detail:
KPMG UK Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the IT & Security Controls Manager role in England
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, especially those at KPMG or similar firms. A friendly chat can sometimes lead to opportunities that aren’t even advertised.
✨Tip Number 2
Prepare for interviews by researching KPMG’s recent projects and initiatives in IT and security. This shows you’re genuinely interested and helps you tailor your answers to align with their goals.
✨Tip Number 3
Practice your STAR technique for answering competency questions. Structure your responses around Situation, Task, Action, and Result to clearly demonstrate your experience and skills.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re serious about joining the team.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the IT & Security Controls Manager role. Highlight your experience with information protection, security frameworks, and any relevant certifications. We want to see how your skills align with what KPMG is looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for this role. Mention specific experiences that relate to the responsibilities listed in the job description. Let us see your passion for the field!
Showcase Your Achievements: When detailing your past roles, focus on your achievements rather than just duties. Use metrics where possible to demonstrate your impact, especially in areas like control testing and audit programme development. We love numbers that tell a story!
Apply Through Our Website: Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re serious about joining the KPMG team. We can’t wait to see your application!
How to prepare for a job interview at KPMG UK
✨Know Your Frameworks
Make sure you’re well-versed in the key security and privacy frameworks mentioned in the job description, like ISO 27001/27701 and NIST. Be ready to discuss how you've applied these in your previous roles, as this will show your deep expertise and understanding of the requirements.
✨Showcase Your Leadership Skills
Prepare examples that highlight your leadership and delivery skills. Think about times when you managed multi-disciplinary reviews or led a team through complex projects. This will demonstrate your capability to handle the responsibilities of the role effectively.
✨Engage with Stakeholders
Since the role involves consulting with various stakeholders, be prepared to discuss your experience in engaging and communicating with different teams. Share specific instances where you successfully navigated stakeholder relationships to achieve project goals.
✨Be Ready for Technical Questions
Brush up on your technical knowledge, especially around automation of control testing and cloud control baselines. Expect questions that assess your understanding of AI/ML control themes and how they relate to security. Being able to articulate your thoughts clearly will set you apart.