Information Security GRC Engineer
KPMG SA
LUXEMBOURG
il y a 3j
source : Wizbii

In this role, you will manage Information Security Risk and Compliance program. Work with cross-functional teams and interface with third-

parties to support compliance and risk management activities.

Upon joining the team you will be in charge of the following responsibilities :

Compliance and Risk Management

  • Develop, implement and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk;
  • Coordinate the treatment of non-conformity with, and exceptions to, the Information Security Policy, norms and laws (ISO27001, GDPR);
  • Address technical policy, compliance and regulatory issues;
  • Provide efficient contract reviews;
  • Contribute to the Firm's RFP submission processes in the Security related sections of those processes;
  • Stay abreast of regulatory and norm changes affecting KPMG Business and information Security (in particular ISO27000 series and GDPR);
  • Governance and Project Management
  • Develop a risk decision framework to help understand critical areas;
  • Work with Information Security Officer, NITSO and QRMP to build cohesive security and compliance programs
  • Risk Management

  • Establish Risk Management Framework Processes and Tools;
  • Coordinate and perform the assessment and analysis of information security risks and monitors compliance with security standards and appropriate policies;
  • We are looking for a candidate with the following qualifications and skills :

  • Master level or equivalent in IT - specialty in Information Security;
  • At least 3 years of experience with information security concepts and practices with experience in a Compliance and / or Information Security Risk Management;
  • Experience implementing ISMS frameworks in relation to ISO 27001;
  • Experience with Information Security Risk Management Framework (ISO27005) and Tools;
  • Knowledge of IT Domain (Infrastructure, software development and Data protection);
  • ISO27001 Lead Implementer, ISO27005 Risk manager certification could be an important asset
  • Project management skills;
  • CISSP, CISM or similar certifications could be an important asset;
  • Fluency in English is required; Knowledge of French or German would be an asset.
  • Interested in learning more about this challenge? We are looking forward to hearing from you!

    Postuler
    Ajouter aux favoris
    Retirer des favoris
    Postuler
    Mon email
    En cliquant sur « Continuer », je consens au traitement de mes données et à recevoir des alertes email, tel que détaillé dans la Politique de confidentialité de neuvoo. Je peux retirer mon consentement ou me désinscrire à tout moment.
    Continuer
    Formulaire de candidature