Perm Hire – Advisor CYBER STRATEGY & RISK

Now more than ever, technology advancements are driving business transformation at a record pace: innovative business models are being developed rapidly, and existing operating models are shifting and evolving. From mobile to blockchain, artificial intelligence, robotics and the Internet of Things, technology brings exciting new opportunities for transformation and growth. But adopting new technology also introduces new risks. Identifying risks and ensuring rapid response has in recent years proven to be a crucial organizational skill.
This makes it essential for companies to build their organizational resilience, strengthen their core controls and increase their cyber security maturity to meet the challenges of technology and information risk.

Language skills: Preferably English/Dutch/French, or English/Dutch, or English/French.
(English because it is our “company language”, and preferably Dutch-speaking.)

The KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we don't anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory.

KPMG is currently seeking an Advisor in Cyber Strategy & Risk within the Cyber team.
    • Analyze complex enterprise information security programs and infrastructure in both the public and private sectors.
    • Assist with assessments of clients’ IT and security processes, risk, controls and compliance against leading practices, industry, and/or client frameworks, and assess capability, maturity, identify gaps in design and execution and communicate issues and recommendations to engagement leads and client senior management.
    • Work with client senior management to develop a cybersecurity improvement strategy and roadmap to improve maturity and reduce risk.
    • Work with client senior management to assess, design and implement sustainable solutions including GRC tools, operating processes and people models to address key and evolving risks.
    • Interface with client executives and hands-on technology practitioners to bring meaningful, strategic change in the areas of information protection, data security and privacy, security operations and business continuity.
    • Articulate business risks of technical vulnerabilities and identify and communicate findings to client personnel.
    • Analyze processes, documentation, and workflows through interviews with staff performing security related duties, develop gap analysis and identify and prioritize security process improvements based on current risk of components adding professional insight.
    • Assist clients in the development of cybersecurity procedures and processes that align with leading practices.
    • Analyze cybersecurity incident response capabilities, playbooks and documentation and work with client staff to implement sustainable improvements. Facilitate table-top exercises and work with client staff to develop a plan for remediation and improvements.
    • Plan engagement objectives, strategize to comply with professional standards, and mitigate risks inherent in the engagement
    • Review work performed by the engagement team and maintain relationships with client account leadership to manage expectations of service, including work products, timing, and services to be delivered
    • Identify technological opportunities and evaluate the Information Security and compliance on the client's business
    • Demonstrate excellent project management skills, promote teamwork and individual accountability with engagement team members, and use available technology, tools, and KPMG Information Security assets to enhance the effectiveness of deliverables and services
    • A minimum of five years of experience in the field of cybersecurity and information risk management.
    • Bachelor's degree from an accredited college/university. ISO certified lead auditing experience preferred
    • Cybersecurity related certification (e.g. CISSP, CEH, CISM, CISA, GIAC, GSEC) preferred
    • Prior knowledge leading and executing IT audit, IT internal control, and IT risk consulting engagements, leveraging IT governance and control frameworks such as COBIT, NIST CSF, NIST 800-53, and ITIL and proficiency in core requirements and methodologies for SOX internal control programs is a plus.
    • Advanced knowledge of leading frameworks such as ISO 27001, NIST Cybersecurity Framework (CSF), NIST 800-53, CIS and the Cybersecurity Maturity Model
    • Experience with Information Governance and Information Security Strategy plans, and assessments using industry frameworks: ISO, NIST, SOC-2, PCI, CIS, etc.
    • Advanced written and verbal communication and presentation skills, leadership skills, teamwork and client service skills