Senior IT & Cyber Risk Specialist (Financial Sector)
Europe, Belgium, Brussels Office - Zaventem HQ
General information
Reference
2024-1037
Position description
Job title
Senior IT & Cyber Risk Specialist (Financial Sector)
Function
Advisory - Senior Advisor
Roles & Responsibilities
- Monitor and assess IT and cybersecurity risks across the organization, focusing on second-line oversight of the first line’s risk management practices.
- Conduct independent risk assessments and challenge the first line’s processes and control effectiveness across applications, business solutions, assets, and third-party relationships.
- Review and validate risk assessments and treatment plans proposed by the first line, ensuring compliance with organizational and regulatory standards.
- Develop and manage IT and security control frameworks, ensuring alignment with internal policies, industry best practices, and regulatory requirements (e.g., ISO 27001, NIST, SOC).
- Support the implementation of the various aspects of DORA with the objective of achieving compliance.
- Conduct audits and provide oversight of IT and cybersecurity practices within the first line of defense, especially in third-party risk management.
- Produce independent risk reports for senior management and governance committees, synthesizing security risks and providing recommendations for risk mitigation.
- Advise on risk management strategies and propose improvements to enhance the organization’s security posture and overall risk maturity.
- Act as a trusted advisor to the business, providing guidance on emerging risks and ensuring that the first line implements appropriate risk mitigations.
- Ensure the integration and coherence of risk management processes across different business units, with a focus on third-party risk.
- Oversee the review of IT and security contractual clauses with suppliers, ensuring they meet the second line’s standards for risk management.
- Collaborate with the first line, providing support and challenge to enhance the effectiveness of security controls and practices.
Location
Zaventem HQ
Skills & Qualifications
• 4+ years of experience in information security or risk management, with a focus on second line functions.
• Experience in performing information security assessments or audits.
• Demonstrated experience in operational security risk management.
• Strong understanding of Information Security frameworks (ISO 27001, NIST, SOC) and their application in second line assurance activities.
• Strong understanding of the FS regulatory landscape (DORA, NBB, EBA, etc.).
• Proven ability to conduct risk oversight, challenge the first line’s risk management activities, and ensure compliance with internal and external standards.
• Experience working in financial services or large-scale enterprises, with an understanding of regulatory requirements in IT and cybersecurity.
• Security certifications such as CISSP, CISM, CCSK, or similar.
• Familiarity with vulnerability management, penetration testing, and reviewing IT and security clauses in contracts.
• Knowledge of control frameworks and audit methodologies within second line risk functions.
• Strong communication and influencing skills, capable of working with senior stakeholders and challenging the first line when necessary.
• Excellent analytical and problem-solving abilities, with a focus on providing independent assurance and actionable recommendations.
• Proactive, autonomous, a team player and collaborator, and able to synthesize complex issues.
We offer
- An international corporate culture in which personal growth, mutual trust and lifelong learning are fostered.
- A competitive and attractive compensation package and a great number of extra-legal advantages (company car + fuel card, iPhone/iPad, group & hospitalization insurance, allowances,…) which are customizable with our Reflex@KPMG plan.
- Career and business development opportunities combined with trainings based on your personal needs and ambitions.
- Learning and growth opportunities designed for leaders through our Management development Track.
- Flexible, hybrid work arrangements to enable working from wherever you are.
- A team of passionate colleagues to reach higher goals and support each other.
- A buddy and performance manager to support and assist you through your first months at KPMG.
- Great teambuilding, sport & wellbeing initiatives through our Together@KPMG program.
- An inclusive workspace that encourages diversity and pursues mutual respect for each other’s beliefs and backgrounds.
Contract type
Permanent
Full time/ Part time
Full-time
Position location
Job location
Europe, Belgium, Brussels Office - Zaventem HQ
Candidate criteria
Minimum level of experience required
3 to 5 years
Languages
- Dutch (Very good knowledge)
- English (Very good knowledge)
- French (Very good knowledge)
Tags: Audits CCSK CISM CISSP Compliance Governance ISO 27001 NIST Pentesting Risk assessment Risk management Security assessment SOC Vulnerability management
Perks/benefits: Career development Competitive pay Flex hours