KPMG Luxembourg combines our multi-disciplinary approach with deep, practical industry knowledge to help clients meet challenges and respond to opportunities.
As a leading consulting firm with more than 1,700 employees and more than 70 nationalities in Luxembourg, we know that our strength and capability come from our people, their experiences, culture and backgrounds.
KPMG Luxembourg is looking for forward-thinking and passionate people to make a difference to our clients, people and communities.
To support our growth, we are currently seeking a GRC Engineer.
Compliance and Risk Management
Develop, implement and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk.
Coordinate the treatment of non-conformity with, and exceptions to, the Information Security Policy, norms and laws (ISO27001, GDPR).
Address technical policy, compliance and regulatory issues.
Provide efficient contract reviews.
Contribute to the Firm’s RFP submission processes in the security-related sections of those processes.
Stay abreast of regulatory and norm changes affecting KPMG business and information security (in particular the ISO27000 series and GDPR).
Governance and Project Management
Develop a risk decision framework to help understand critical areas.
Work with the Information Security Officer, NITSO and QRMP to build cohesive security and compliance programs.
Establish Risk Management Framework Processes and Tools.
Coordinate and perform the assessment and analysis of information security risks and monitor compliance with security standards and appropriate policies.
The perfect candidate
Master's level or equivalent in an IT specialty in Information Security.
At least 1 year of experience with information security concepts and practices, with experience in Compliance and/or Information Security Risk Management.
Experience implementing ISMS frameworks in relation to ISO 27001.
Experience with Information Security Risk Management Framework (ISO27005) and Tools.
Knowledge of IT Domain (Infrastructure, software development and Data protection).
ISO27001 Lead Implementer, ISO27005 Risk Manager certification could be an important asset.
Project management skills.
CISSP, CISM or similar certifications could be an important asset.
Fluency in English is required; knowledge of French or German would be an asset.
Interested? If your profile fits the above description, send us your CV and cover letter. By submitting your resume and application information, you authorize KPMG to transmit and store your information in the KPMG recruitment database, and to circulate that information as necessary for the purpose of evaluating your qualifications for this or other job vacancies.
KPMG is an equal opportunities employer. We believe passionately that employing a diverse workforce is central to our success.
Our recruiting decisions are based on your experience and skills.