KPMG Luxembourg combines our multi-disciplinary approach with deep, practical industry knowledge to help clients meet challenges and respond to opportunities.
As a leading consulting firm with more than 1,700 employees and more than 70 nationalities in Luxembourg, we know that our strength and capability come from our people, their experiences, culture and backgrounds.
KPMG Luxembourg is looking for forward-thinking and passionate people to make a difference to our clients, people and communities.
To support our growth, we are currently seeking for a GRC Expert.You will manage Information Security Risk and the Compliance program.
Also, you will work with cross-functional teams and interface with third parties to support compliance and risk management activities.
Compliance and Risk Management Leadership
Develop, implement and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
Coordinate the treatment of non-conformity with, and exceptions to, the Information Security Policy, norms and laws (ISO27001, GDPR).
Address technical policy, compliance and regulatory issues.
Provide efficient contract reviews.
Contribute to the Firm’s RFP submission processes in the Security related sections of those processes.
Stay abreast of regulatory and norm changes affecting KPMG Business and information Security (in particular ISO27000 series and GDPR).
Governance and Project Leadership
Develop a risk decision framework to help understand critical areas.
Work with Information Security Officer, NITSO and QRMP to build cohesive security and compliance programs.
Establish Risk Management Framework Processes and Tools.
Coordinate and perform the assessment and analysis of information security risks and monitors compliance with security standards and appropriate policies.
The ideal candidate
Master level or equivalent in IT specialty in Information Security.
At least 6 years of experience with information security concepts and practices with at least 2 years in a Compliance and / or Information Security Risk Management.
Experience implementing ISMS frameworks in relation to ISO 27001.
Experience with Information Security Risk Management Framework (ISO27005) and Tools.
Knowledge of IT Domain (Infrastructure, software development and Data protection).
ISO27001 Lead Implementer, ISO27005 Risk manager certification.
Project management skills.
CISSP, CISM or similar certifications could be an important asset.
English and French are mandatory. Any other languages are considered an asset.
Details and results oriented.
Strong writing skills.
Strong organizational, multi-tasking, and time management skills.
Ability to speak and communicate effectively and in diplomatic manner across all levels of the organization.
Good influencing and negotiation skills.
Ability to work independently and within a team.
Business / client oriented.
Interested?If your profile fits the above description, send us your CV and cover letter.By submitting your resume and application information, you authorize KPMG to transmit and store your information in the KPMG recruitment database, and to circulate that information as necessary for the purpose of evaluating your qualifications for this or other job vacancies.
KPMG is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success.
Our recruiting decisions are based on your experience and skills.