Associate Consultant - Digital Access Review and Compliance

Associate Consultant

As a Digital Access Review Contractor, you will be a key member of the Digital Security and Compliance Team
responsible for initiating and coordinating regular access reviews. You will work closely with technical owners,
administrators, and business owners to ensure that both privileged and standard user accounts are reviewed in a
timely and rigorous manner. Your responsibilities include the review and management of security groups,
distribution lists, and software licenses, as well as maintaining the accuracy and completeness of the inventory.
You are expected to apply structured methodologies and a high degree of rigor to all processes, ensuring
alignment with KPMG policies, standards, and security best practices while collaborating with cross-functional
teams to secure access for authorized users.
The role requires autonomy, meticulous attention to detail, and a proactive mindset, as you will independently
drive improvements and uphold compliance standards.
You will contribute to maintaining and improving the security and compliance of KPMG.

You will:
 Initiate and coordinate regular access reviews for privileged and standard users, engaging relevant
stakeholders (technical owners, administrators, business owners…)
 Ensure ISO27002 Controls related to Access Management and Security standard are implemented and
followed.You will:
 Support the identity lifecycle management process, ensuring de-provisioning, update, inventory,
ownership and access reviews.
 Ensure role-based access control (RBAC), compliance with internal policies and segregation of duties
are implemented.
3. Security Group, Distribution List and Licence Review
You will:
 Oversee periodic reviews of security groups, distribution lists
 Oversee software license allocations to ensure appropriate access and compliance.
4. Stakeholder Engagement & Communication
You will:
 Act as a point of contact for stakeholders involved in access reviews, ensuring clear and effective
communication and collaboration across teams.
 Coordinate and drive access review campaigns, actively engaging all relevant parties to ensure timely
completion and alignment with organizational objectives.
 Provide regular updates to the Digital Risk function and the Digital Security and Compliance Leader,
ensuring they are informed of progress, issues, and outcomes related to access reviews
5. Continuous Improvement & Innovation
You will:
 Stay updated on industry trends and best practices in identity and access management.
 Participate in initiatives to enhance access management processes and technologies.
 Support audit processes and assessments

Bachelor in IT, Information Security, Process, or a related field.
 2-3 years of relevant work experience in IT, information security concepts and practices or in Identity
and Access Management.
 Knowledge of identity management and security frameworks (e.g., ITL, ISO27001, ISO27002, NIST, …).
 Project management skills,
 Stakeholder coordination skills.
 Good verbal and written communication skills in English, French is an asset

Good organizational & adaptation skills
 Knowledge on Identity and Access management principles
 Demonstrated experience in initiating and coordinating access reviews
 Strong organizational skills, attention to detail, and ability to maintain accurate records

Experience Level

Mid Level