KPMG, a global network of professional services for businesses and a leader in Audit, Advisory and Tax & Legal services, is looking for an IT Risk Security Specialist for its office in Milan, Lombardy, Italy.

KPMG Business Services S.r.l. (KBS) is a company that is part of the KPMG Network and gathers several centers of expertise serving the various Lines of Business. Human Resources & Training, Marketing & Communication, IT, Finance, Risk Management, Purchasing & Facility Management, and Corporate Social Responsibility: these are the departments that make up the company and are committed every day to ensuring quality services according to the highest professional standards. The multidisciplinary skills of KBS teams help KPMG professionals pursue our purpose, inspiring confidence and encouraging change.

We are looking for an IT Risk Security Specialist to join our in-house IT department who will be responsible for:

  • Evaluating evolutions and updates of the internal regulatory framework (e.g., policies, procedures, controls) and detecting/interpreting new requirements as a result of legislative, technological or contextual changes, including in relation to outsourcer and third-party management
  • Promoting and implementing ICT & security practices and controls that ensure compliance with corporate policies/plans/standards
  • Supporting the execution of risk assessment on internal and external systems adopted by the company and providing guidance on mitigation measures
  • Performing IT risk assessment, IT controls assessment and IT process reviews

The ideal profile is a bright young person with work experience of at least 2/3 years who has experience in some of the following areas:

  • Implementation of ICT risk analysis on assets and evaluation of corrective security measures
  • Design and monitoring of level I and II controls
  • Risk analysis inherent to information system innovation and evolution projects (Demand Management, GDPR, Cloud, Change Management)
  • Preparation of documentation for the Regulator and top management
  • Development of Preventive ICT Risk Indicators
  • Conducting ICT Audit & Compliance Assessments with reference to key industry regulations
  • Prior experience in activities related to defining and implementing IT and security risk assessment methodologies.
  • Prior experience in ICT and security policy and procedure writing activities, maturity assessment, benchmarking
  • Knowledge of information security solutions (e.g. SIEM, Identity & Access Governance, Data Security & Protection, Data Masking, etc.).
  • ICT/Security certifications (e.g. CISM, CISSP, Lead Auditor 27001, 22301, Cobit 19, CISA, etc.).
  • Relational, analytical, organizational and problem solving skills
  • Excellent knowledge of major Microsoft Office applications (Word, Excel, PowerPoint)
  • Excellent knowledge of the English language

The following skills are also useful:

  • Knowledge of Data Analysis, IT Architecture and IT Governance.
  • Knowledge of ICT/Security frameworks and standards (e.g. CISM, CISSP, Lead Auditor 27001, 22301, Cobit 19, CISA, etc.).


To apply for this position, visit the following page
