Position description
Job title
Senior IT & Cyber Risk Specialist (Financial Sector)
Function
Advisory - Senior Advisor
Roles & Responsibilities
1. Monitor and assess IT and cybersecurity risks across the organization, focusing on second-line oversight of the first line’s risk management practices.
2. Conduct independent risk assessments and challenge the first line’s processes and control effectiveness across applications, business solutions, assets, and third-party relationships.
3. Review and validate risk assessments and treatment plans proposed by the first line, ensuring compliance with organizational and regulatory standards.
4. Develop and manage IT and security control frameworks, ensuring alignment with internal policies, industry best practices, and regulatory requirements (e.g., ISO 27001, NIST, SOC).
5. Support the implementation of the various aspects of DORA with the objective to achieve compliance.
6. Conduct audits and provide oversight of IT and cybersecurity practices within the first line of defense, especially in third-party risk management.
7. Produce independent risk reports for senior management and governance committees, synthesizing security risks and providing recommendations for risk mitigation.
8. Advise on risk management strategies and propose improvements to enhance the organization’s security posture and overall risk maturity.
9. Act as a trusted advisor to the business, providing guidance on emerging risks and ensuring that the first line implements appropriate risk mitigations.
10. Ensure the integration and coherence of risk management processes across different business units, with a focus on third-party risk.
11. Oversee the review of IT and security contractual clauses with suppliers, ensuring they meet second line’s standards for risk management.
12. Collaborate with the first line, providing support and challenge to enhance the effectiveness of security controls and practices.
#LI-DNI
Location
Zaventem HQ
Skills & Qualifications
13. 4+ years of experience in information security or risk management, with a focus on second line functions.
14. Experience in performing information security assessments or audits.
15. Demonstrated experience in operational security risk management.
16. Strong understanding of Information Security frameworks (ISO 27001, NIST, SOC) and their application in second line assurance activities.
17. Strong understanding of the FS regulatory landscape (DORA, NBB, EBA, etc.).
18. Proven ability to conduct risk oversight, challenge the first line’s risk management activities, and ensure compliance with internal and external standards.
19. Experience working in financial services or large-scale enterprises, with an understanding of regulatory requirements in IT and cybersecurity.
20. Security certifications such as CISSP, CISM, CCSK, or similar.
21. Familiarity with vulnerability management, penetration testing, and reviewing IT and security clauses in contracts.
22. Knowledge of control frameworks and audit methodologies within second line risk functions.
23. Strong communication and influencing skills, capable of working with senior stakeholders and challenging the first line when necessary.
24. Excellent analytical and problem-solving abilities, with a focus on providing independent assurance and actionable recommendations.
25. Proactive, autonomous, teamplayer, collaborator and able to synthesize complex issues.
We offer
26. An international corporate culture in which personal growth, mutual trust and lifelong learning are being fostered.
27. A competitive and attractive compensation package and a great number of extra-legal advantages (Company car + fuel card, IPhone/IPad, group & hospitalization insurance, Allowances,…) which are customizable with our Reflex@KPMG plan.
28. Career and business development opportunities combined with trainings based on your personal needs and ambitions.
29. Learning and growth opportunities designed for leaders through our Management development Track.Flexible, hybrid work arrangements to enable working from wherever you are.
30. A team of passionate colleagues to reach higher goals and support each other.
31. A buddy and performance manager to support and assist you through your first months at KPMG.
32. Great teambuilding, sport & wellbeing initiatives through our Together@KPMG program.
33. An inclusive workspace that encourages diversity and pursues mutual respect for each other’s beliefs and backgrounds.