Manager-Technology Risk and Cyber

Job Description
About the Team
At KPMG Australia, our Consulting Technology Risk and Cyber team is at the forefront of enabling organisations to navigate the complex world of technology, cyber threats, and information security. We deliver impactful and innovative solutions tailored to our clients' needs, helping them identify and manage technology risks, safeguard critical assets, and foster a culture of security at every level of their organisation. Our services span Technology Risk Management, Cyber Security, Incident Response Planning, and we integrate strategies with Environmental, Social, and Governance (ESG) goals to ensure sustainable business practises.

We don't just consult – we partner with organisations to strengthen their business resilience, deliver risk-informed decision-making, and elevate their cyber maturity to meet evolving threats.

Your Opportunity
We are seeking an experienced Technology Risk and Cyber Manager to join our team based in Sydney. This role is your opportunity to shape the future of KPMG's Technology, Risk, and Cyber Security offerings by working with high-profile clients and leading cutting-edge initiatives.

As a key team member, you'll help our clients navigate the risks and opportunities associated with technology and cyber threats. You'll play a pivotal role in designing and implementing risk management practises, developing tailored strategies and controls, and providing executive-grade insights.

If you're passionate about solving real-world technology and cyber challenges, ready to lead in a collaborative environment, and keen to deliver measurable results, we invite you to explore this exciting opportunity.

Key Responsibilities
You will play a significant role working with clients across various services and deliverables, including

• Managing Cyber Risks

• Assisting clients in aligning cyber risk strategies with business objectives and compliance obligations.

• Designing and implementing robust controls to protect technology assets and mitigate risks.

• Strengthening Resilience

• Developing and enhancing business resilience frameworks to safeguard critical operations during disruptions.

• Performing gap assessments against global and local standards (ISO 27001, NIST CSF, APRA CPS234, etc.).

• Developing Cyber Security Strategies

• Creating tailored strategies to manage cyber threats and elevate security maturity.

• Embedding cybersecurity principles into broader business operations and processes.

• Incident Response Planning & Compliance

• Crafting incident response plans and conducting rehearsal scenarios to ensure readiness.

• Keeping clients informed on evolving regulations and helping them maintain compliance.

• Leadership and Collaboration

• Supporting the development of junior consultants to deliver high-impact outcomes.

• Communicating complex cybersecurity risks and solutions to senior executives and boards.

• Emerging Technology and Risk Alignment

• Leveraging emerging technologies, such as AI and automation, to advance security practises.

• Evaluating their impacts to align security initiatives with operational excellence.

Your Experience
To excel in this role, you'll bring a proven track record of delivering excellence to clients and strong expertise in cybersecurity, IT consulting, and risk management. Specifically, we're looking for

Technical Skills

• Experience in Technology Risk Management, cyber risk strategy creation, and IT project risk management.
• Knowledge of global cybersecurity standards and governance frameworks.
• Previous experience in incident response and forensic investigations for cyber events.

Soft Skills

• Excellent communication to translate technical concepts into accessible insights for stakeholders at all levels, including executives and boards.
• Problem-solving, analytical thinking, and project management skills.
• Leadership ability to inspire teams and foster collaborative success.

Knowledge of Emerging Technologies

• Familiarity with AI, machine learning, cloud computing, and automation, as well as their implications for cybersecurity and risk management.

Qualifications

• A degree in Information Technology, Computer Science, Cyber Security, Engineering, or a related discipline.
• Additional post-graduate certifications such as CISM or CISSP are highly advantageous.
• Advanced degrees (e.g., Master's in Cyber Security, Information Systems, or Business Administration) are a plus.

Additional Information
KPMG is a professional services firm with global outreach and deep sector experience. We work with clients across an array of industries to solve complex challenges, steer change and enable growth.

Our people are what make KPMG the thriving workplace that it is and what sets us apart is that we know great minds think differently. Collaborate with a team of passionate, highly skilled professionals who've got your back. You'll build relationships with unique and diverse colleagues who will provide you with the support you need to be your best and produce meaningful and impactful work in an inclusive, equitable culture.

At KPMG, you'll take control over how you work. We're embracing a new way of working in many ways, from offering flexible hours and locations to generous paid parental leave and career breaks. Our people enjoy a variety of exciting perks, including retail discounts, health and wellbeing initiatives, learning and growth opportunities, salary packaging options and more.

Diverse candidates have diverse needs. During your recruitment journey, information will be provided about adjustment requests. If you require additional support before submitting your application, please contact the Talent Attraction Support Team.

At KPMG every career is different, and we look forward to seeing how you grow with us.