Back to search
KPMG Philippines Linkedin · Posted 6d ago

Cybersecurity Risk and Compliance Senior Analyst

Philippines

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

Qualifications:

  • 3-7 years of experience in cybersecurity audits, threat and risk assessments (TRA), security risk management, and assessments of organizations, third-party environments, or technology solutions.
  • Strong knowledge of cybersecurity frameworks (e.g., NIST CSF, NIST 800-30, NIST AI RMF, ISO 27001, SOC 2, PCI DSS, CIS Controls, OWASP LLM/GenAI guidance, etc.).
  • Hands-on experience with security risk assessment tools and methodologies.
  • Understanding of security operations, threat intelligence, and incident response.
  • Proficiency in network security, cloud security (AWS, Azure, GCP), application security, data security, and third-party/vendor risk considerations.
  • Experience assessing enterprise applications, cloud services, integrations/APIs, vendor platforms, and AI-enabled or generative AI solutions is preferred.
  • Certifications preferred:

o CISA (Certified Information Systems Auditor)

o CISSP (Certified Information Systems Security Professional)

o CRISC (Certified in Risk and Information Systems Control)


Responsibilities:

  • Conduct cybersecurity risk assessments, threat and vulnerability assessments, and compliance reviews across organizations, technology environments, and digital solutions.
  • Assess security risks across enterprise applications, cloud platforms, APIs/integration environments, third-party solutions, and AI-enabled or generative AI technologies.
  • Evaluate cybersecurity controls, policies, governance practices, and technical safeguards against industry frameworks such as NIST, ISO 27001, SOC 2, PCI DSS, and OWASP guidance.
  • Identify cyber threats, attack vectors, and control gaps while providing practical recommendations to strengthen security posture and resilience.
  • Review security architecture and technical controls including access management, data protection, encryption, cloud security, application security, and vendor risk management.
  • Develop comprehensive risk assessment reports, documentation, and executive summaries; communicate findings and recommendations to technical teams and senior stakeholders.
  • Collaborate with business and technology teams to align cybersecurity strategies with organizational objectives and risk management goals.
Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent