Level: Associate

Job type: Full-time

Job description

We’re looking for experienced IT and Cyber Risk professionals to support financial sector clients in strengthening their cybersecurity. In this second-line role, you’ll oversee and challenge the first line’s risk management practices, helping ensure compliance, resilience and alignment with regulations.

What will you work on:

  • Oversee and assess IT and cyber risks, focusing on second-line validation of first-line controls and practices.
  • Review risk assessments and treatment plans to ensure compliance with internal and external standards.
  • Support development and implementation of control frameworks (e.g., ISO 27001, NIST, SOC).
  • Help clients comply with DORA and improve overall cyber risk maturity.
  • Conduct audits and provide oversight, especially around third-party risk.
  • Deliver clear, actionable risk reports for senior management and governance teams.
  • Advise on risk strategy and improvements to enhance security posture.
  • Review IT and security clauses in supplier contracts for risk alignment.
  • Collaborate with first-line teams to support and challenge their control effectiveness.
  • This role offers long-term engagement with 1-2 clients, allowing you to build strong relationships and make a meaningful impact on their cyber risk management.

What do you need:

  • You have 4+ years of experience in information security or risk management, with a strong focus on second-line roles.
  • You’ve conducted security assessments or audits and have hands-on experience with operational risk management.
  • You understand frameworks like ISO 27001, NIST, and SOC and how they apply in second-line assurance.
  • You’re familiar with financial sector regulations (DORA, NBB, EBA) and have worked in financial services or large enterprises.
  • You can effectively oversee and challenge first-line risk activities to ensure compliance.
  • You hold (or are working toward) certifications like CISSP, CISM, or CCSK.
  • You understand vulnerability management and penetration testing, and can review IT/security clauses in contracts.
  • You’re confident communicating with senior stakeholders and can turn complex issues into clear, actionable insights.
  • You’re proactive, analytical and comfortable managing complex work in a fast-paced environment.
  • You’re a strong team player, able to build trust between first and second line teams.

What can you expect:

  • At KPMG, you’ll join an international corporate culture that values personal growth, mutual trust, and lifelong learning. We offer a competitive and attractive compensation package, including a wide range of extra-legal benefits: company car and fuel card, iPhone/iPad, group and hospitalization insurance, and customizable allowances through our Reflex@KPMG plan.
  • You’ll have access to career and business development opportunities, with tailored training programs designed to match your personal goals and ambitions.
  • For future leaders, we provide structured learning and growth paths via our Management Development Track.
  • We support flexible, hybrid work arrangements, allowing you to work from wherever you’re most productive.
  • You’ll be surrounded by passionate colleagues, all working together to achieve great things and supporting one another along the way.
  • From day one, you’ll be backed by a buddy and a performance manager to guide you during your first months.
  • Enjoy engaging teambuilding, sports, and wellbeing initiatives through our Together@KPMG program.
  • And last but not least, you’ll thrive in an inclusive environment that embraces diversity and fosters mutual respect for all backgrounds and beliefs.

Deadline: 24-12-2025
