Senior IT Risk & Compliance Advisor

Senior IT Risk & Compliance Advisor
Varna, Ref №: SrITAA1024E

We are now open to welcoming an expert Senior IT Risk & Compliance Advisor to join our team and play a key role in conducting comprehensive IT risk and consultancy services for our clients and delivering strategic insights and recommendations for improvement.

In this role, you will advise key decision-makers on IT Risk and Compliance strategies within large international and local clients. You will be part of a solid team, focused on providing solutions in IT risk management, compliance and technology optimization.

Key responsibilities include: 

• Testing the design and implementation of general IT controls and IT-dependent business processes according to established standards and best practices
• Documenting technology infrastructure risks, controls and findings
• Participating in Statement of Controls (SOC), ICFR Sarbanes-Oxley (SOX), Digital Resilience, Data Privacy, Cybersecurity and IT due diligence engagements
• Developing IT assurance knowledge on contemporary technologies and applications, such as Microsoft Azure, Google Cloud, AWS, Windows Server, Microsoft SQL server, Oracle database, SAP, Dynamics365, ServiceNow, etc.
• Coordinating and supporting junior team members in their daily responsibilities related to specific project tasks
• Building strong relationships within internal teams and with our clients

Through advising clients from various industries, you will have the opportunity to deepen your expertise in:

• IT General Controls – IT Risk and Governance, Identity and Access Management, IT Development, IT Change management, IT Disaster Recovery
• Technology risk principles of operating systems – Windows Server, AIX/Linux, cloud platforms, databases (MS SQL/Oracle server), ERPs (SAP, MS Dynamics365)
• IT processes around Systems security, Change management and Computer Operations and their fundamental controls
• Cyber Security, Data Privacy, ERP, Cloud and IT SOX

To be up to the challenge you should have:

• Preferred qualifications include CISA, CISM or other relevant IT audit qualification
• University degree in Information Technology, Finance, Control, Audit, Business Administration or a related discipline, and a strong interest in IT Risk & Compliance
• Proficient level of written and verbal communication skills in English
• Minimum 3 years relevant experience
• The mindset of an advisor, leveraging expertise to create opportunities and find the best solutions
• Self-motivation and desire to learn and develop
• Willingness to show objectivity, professional scepticism, ethics and integrity

At KPMG, we believe in creating an environment where our employees can thrive both professionally and personally. Here’s what we offer: 

• Work-Life Balance: Hybrid working, flexible hours, and extra holidays
• Learning Opportunities: Onboarding program, certification support, online and on-site courses
• Career Development: structured performance development; performance-based promotions
• Considerate Remuneration Package: Regular salary increases and performance bonuses, referral bonus
• Wellbeing program: Food vouchers, additional health insurance, sport card, corporate discounts, fresh fruit, and team building events
• Transportation: Fuel vouchers or public transportation card

KPMG has committed to achieve net-zero carbon emissions by 2030 as per Our Impact Plan. We have also committed to advocate for equal opportunity, protecting the physical and mental health of our people, supporting education and lifelong learning in our communities. We act lawfully, ethically and in the public interest.

Your application package will be treated with strict confidentiality. Only shortlisted applicants will be contacted.
Some of the information that you provide upon submission of your application is personal data and is covered by the special protection regime under the General Data Protection Regulation (EU 2016/679). KPMG may process your personal data for the purpose of search and selection of suitable candidates for the position as set out above. Your personal data will be stored during the recruitment campaign and afterwards upon your explicit consent or as required by the applicable law. Additional information about the personal data we process in recruitment campaigns, legal reasons and purposes for processing, your rights and other useful information can be found in our Privacy Statement for job applicants. Please read it carefully before submitting your application. 

© 2025 KPMG Bulgaria OOD, a Bulgarian limited liability company and a member firm of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.