Skip to main content

Perm Hire – Manager CYBER STRATEGY & RISK (#822025)

zaventem START DATE: TBD DEADLINE: ASAP
Now more than ever technology advancements are driving business transformation at a record pace, innovating business models are developed rapidly, and existing operating models are shifting and evolving. From mobile to blockchain, artificial intelligence, robotics and the Internet of Things, technology brings exciting new opportunities for transformation and growth. But adopting new technology also introduces new risks. Identifying risks and ensuring rapid response has in the last years proven to be a crucial organizational skill.
This makes it essential for companies to build their organizational resilience, strengthen their core controls and increase their cyber security maturity to meet the challenges of technology and information risk.

The KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we don't anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory.

Taalkennis : Bij voorkeur Engels/Nederlands/Frans of Engels/Nederlands of Engels/Frans.
(Engels omdat onze “company language” is en bij voorkeur Nederlandstalig.)


KPMG is currently seeking a Manager in Cyber Strategy & Risk within the Cyber team.
Responsibilities:
    • Analyze complex enterprise information security programs and infrastructure in both public and private sector.
    • Assist with assessments of clients’ IT and security processes, risk, controls and compliance against leading practices, industry, and/or client frameworks, and assess capability, maturity, identify gaps in design and execution and communicate issues and recommendations to engagement leads and client senior management.
    • Work with client senior management to develop a cybersecurity improvement strategy and roadmap to improve maturity and reduce risk.
    • Work with client senior management to assess, design and implement stainable solutions including GRC tools, operating processes and people models to address key and evolving risks.
    • Interface with client executives and hands-on technology practitioners to bring meaningful, strategic change in the areas of information protection, data security and privacy, security operations and business continuity.
    • Articulate business risks of technical vulnerabilities and identify and communicate findings to client personnel.
    • Analyze processes, documentation, and workflows through interviews with staff performing security related duties, develop gap analysis and identify and prioritize security process improvements based on current risk of components adding professional insight.
    • Assist clients in the development of cybersecurity procedures and processes that align with leading practices.
    • Analyze cybersecurity incident response capabilities, playbooks and documentation and work with client staff to implement sustainable improvements. Facilitate table-top exercises and work with client staff to develop a plan for remediation and improvements.
Qualifications:
    • A minimum of three years in the field of cybersecurity and information risk management.
    • Bachelor's degree from an accredited college/university in an appropriate field. ISO certified lead auditing experience preferred.
    • Working knowledge of leading frameworks such as ISO 27001, NIST Cybersecurity Framework (CSF) NIST 800-53, CIS and the Cybersecurity Maturity Model
    • Experience writing policies, procedures and controls in one or more standards/framework
    • Cybersecurity related certification (e.g. CISSP, CEH, CISM, CISA, GIAC, GSEC) preferred
    • Excellent written and verbal communication, facilitation, leadership and presentation skills.