Senior Manager, Global Digital Risk Policy Lead, Global QRM, Secondment
Overview
At KPMG, you’ll join a team of diverse and dedicated problem solvers, connected by a common cause: turning insight into opportunity for clients and communities around the world.
The GDR Policy team is responsible for developing, communicating, and maintaining policies and related materials addressing information risk, security and privacy in KPMG.
KPMG's policies are designed to meet the firm's business requirements and expectations of external parties and clients. These materials define the minimum baselines for those areas for all KPMG organizations.
What you will do
- Act as the GDR Policy Lead subject matter expert (SME) to develop and update KPMG Global Digital Risk Policies and guidance materials, ensuring alignment to industry standards such as ISO and NIST;
- Act as one of GDR’s AI Delegates representing GDR on the Global AI Trusted Design Authority Working Group and the GQ&RM AI Taskforce, providing policy advice on the adoption of AI at KPMG;
- Manage resources who support Policy Portal Maintenance and the Policy Exceptions Process;
- Provide oversight of the existing Policy Exceptions Process and work with other stakeholder groups to ensure the process is fit for purpose and exceptions are reviewed and decided on in a timely manner and in line with Policy;
- Lead the GDR Information Protection Policy Working Group (IPPWG), which is a formal policy governance body made up of KPMG International and Member Firm stakeholders that facilitates the review, updating and voting on Policy materials;
- Coordinate further ratification and communication of new or updated materials to other formal policy governance bodies, such as the Policy Development Working Group and the Global Quality and Risk Management Steering Group;
- Working with the central policy team, prepare the pre-read materials and subsequent communication (Special Alert) to communicate updates to GDR policies to the network of member firms;
- Support the GDR Senior Leadership Team in regular tasks related to compliance, attestations and certification audits (specifically ISO 27K, SOC2, SoQM, IPCR) and Global client requests related to our policy materials;
- Support KPMG’s Cyber Insurance submission, responding to Cyber Insurance questionnaires and providing Policy and Governance advice and documentation;
- Maintain one-to-one calls with IPPWG members to discuss feedback, input and questions;
- Represent GDR on Security Standards working groups and review Standards for compliance with GDR Information Protection Policies;
- Respond and contribute to AI policy requirements from an information security perspective and as directed by AI governance bodies;
- Provide advice and support to other KPMG Functions, Business Lines and KPMG’s Network of Member Firms on a wide range of information protection strategic and operational priorities, including those related to artificial intelligence (AI)
- Minimum of 7-10 years in policy writing, development, management and/or compliance in one or more of the following areas: information security, information protection, risk management, artificial intelligence
- Bachelor’s degree in an appropriate subject from an accredited college or university or equivalent work experience
- Demonstrated experience of critical and analytical skills with ability to research, interpret and translate technical information into well written policy materials
- Excellent and proven writing skills with ability to formulate policy clauses, policy documents and communications of policy requirements to the KPMG network. Excellent moderation, negotiation and communication skills required
- Strong understanding of Cyber risks, threats, security principles and best practices. Prior experience in the analysis of emerging digital risks, including those related to artificial intelligence, highly desired. Professional qualifications (e.g. CISSP, CISM or CRISC) are desirable but not essential
- In depth knowledge of security industry frameworks including ISO 27001 suite of standards, NIST 800-53 and related NIST standards, Cloud Control Matrix (CSA), COBIT. Proven experience in supporting attestations, certifications and related audits: e.g. ISO…
Position Requirements
10+ years work experience