Senior IT & Cyber Risk Specialist (Financial Sector)

Europe, Belgium, Brussels Office - Zaventem HQ

KPMG

Welcome to KPMG International.

View all jobs at KPMG

Apply now Apply later

General information

Reference

2024-1037  

Position description

Job title

Senior IT & Cyber Risk Specialist (Financial Sector)

Function

Advisory - Senior Advisor

Roles & Responsibilities

  • Monitor and assess IT and cybersecurity risks across the organization, focusing on second-line oversight of the first line’s risk management practices.
  • Conduct independent risk assessments and challenge the first line’s processes and control effectiveness across applications, business solutions, assets, and third-party relationships.
  • Review and validate risk assessments and treatment plans proposed by the first line, ensuring compliance with organizational and regulatory standards.
  • Develop and manage IT and security control frameworks, ensuring alignment with internal policies, industry best practices, and regulatory requirements (e.g., ISO 27001, NIST, SOC).
  • Support the implementation of the various aspects of DORA with the objective to achieve compliance.
  • Conduct audits and provide oversight of IT and cybersecurity practices within the first line of defense, especially in third-party risk management.
  • Produce independent risk reports for senior management and governance committees, synthesizing security risks and providing recommendations for risk mitigation.
  • Advise on risk management strategies and propose improvements to enhance the organization’s security posture and overall risk maturity.
  • Act as a trusted advisor to the business, providing guidance on emerging risks and ensuring that the first line implements appropriate risk mitigations.
  • Ensure the integration and coherence of risk management processes across different business units, with a focus on third-party risk.
  • Oversee the review of IT and security contractual clauses with suppliers, ensuring they meet second line’s standards for risk management.
  • Collaborate with the first line, providing support and challenge to enhance the effectiveness of security controls and practices.

#LI-RV2

Location

Zaventem HQ

Skills & Qualifications

•       4+ years of experience in information security or risk management, with a focus on second line functions.
•       Experience in performing information security assessments or audits.
•       Demonstrated experience in operational security risk management.
•       Strong understanding of Information Security frameworks (ISO 27001, NIST, SOC) and their application in second line assurance activities.
•       Strong understanding of the FS regulatory landscape (DORA, NBB, EBA, etc.).
•       Proven ability to conduct risk oversight, challenge the first line’s risk management activities, and ensure compliance with internal and external standards.
•       Experience working in financial services or large-scale enterprises, with an understanding of regulatory requirements in IT and cybersecurity.
•       Security certifications such as CISSP, CISM, CCSK, or similar.
•       Familiarity with vulnerability management, penetration testing, and reviewing IT and security clauses in contracts.
•       Knowledge of control frameworks and audit methodologies within second line risk functions.
•       Strong communication and influencing skills, capable of working with senior stakeholders and challenging the first line when necessary.
•       Excellent analytical and problem-solving abilities, with a focus on providing independent assurance and actionable recommendations.
•       Proactive, autonomous, teamplayer, collaborator and able to synthesize complex issues.

We offer

  • An international corporate culture in which personal growth, mutual trust and lifelong learning are being fostered.
  • A competitive and attractive compensation package and a great number of extra-legal advantages (Company car + fuel card, IPhone/IPad, group & hospitalization insurance, Allowances,…) which are customizable with our Reflex@KPMG plan.
  • Career and business development opportunities combined with trainings based on your personal needs and ambitions.
  • Learning and growth opportunities designed for leaders through our Management development Track.
    Flexible, hybrid work arrangements to enable working from wherever you are.
  • A team of passionate colleagues to reach higher goals and support each other.
  • A buddy and performance manager to support and assist you through your first months at KPMG.
  • Great teambuilding, sport & wellbeing initiatives through our Together@KPMG program.
  • An inclusive workspace that encourages diversity and pursues mutual respect for each other’s beliefs and backgrounds.

Contract type

Permanent

Full time/ Part time

Full-time

Position location

Job location

Europe, Belgium, Brussels Office - Zaventem HQ

Candidate criteria

Minimum level of experience required

3 to 5 years

Languages

  • Dutch (Very good knowledge)
  • English (Very good knowledge)
  • French (Very good knowledge)

Apply now Apply later
  • Share this job via
  • 𝕏
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0

Tags: Audits CCSK CISM CISSP Compliance Governance ISO 27001 NIST Pentesting Risk assessment Risk management Security assessment SOC Vulnerability management

Perks/benefits: Career development Competitive pay Flex hours

Region: Europe
Country: Belgium

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.