Posted 04 July, 2026
Cyber S&G Consultant
KPMG
Bangalore,Karnataka,IN,560103
Full Time
Reference: 218_549848_30047215
Profile:
Cyber Security Strategy & Governance Consultant
Experience:
4 to 7 years in cyber Security
Educational qualifications
Bachelor's degree in Information/ Cyber Security, Computer Science, Engineering, Business or related fields, from an accredited college/university or equivalent experience
Preferred Professional Certifications: CISSP, CISM, CISA, CRISC, ISO 27001 LA, ISO 22301 LA, ISO 42001 LA
Work experience
4-7 years of relevant cybersecurity experience, with focus on strategy, governance, risk, and compliance in a consulting environment (preferably Big 4 or equivalent)
Proven experience in a client-facing role with demonstrated ability in leading projects and supervising team members.
Mandatory technical & functional skills
Strong knowledge and hands-on experience with cybersecurity frameworks and standards including ISO 27001, ISO 22301, NIST CSF / NIST 800-53, CIS, or Cybersecurity Maturity Model
Experience in delivering three or more of the following: cyber maturity assessments, cyber risk quantification, cybersecurity development, or policy/standards/ framework development and third-party security risk assessment
Experience in performing framework and compliance assessments, including control mapping, gap analysis, and evaluation of control design and effectiveness
Experience in supporting development and review of cybersecurity policies, standards, procedures, and frameworks
Ability to identify risks and gaps, and communicate technical findings into clear, business-aligned insights to stakeholders
Understanding of IT environments, including infrastructure, applications, and key security domains (e.g., IAM, data security, cloud security)
Support delivery of engagements, including execution, stakeholder coordination, and timely delivery of outputs
Ability to assess structured problem statements and contribute to development of pragmatic solutions, with awareness of evolving cyber and regulatory landscape
Ability to use Generative AI tools and AI agents for automation, research, and content generation, with a critical, responsible, and ethical approach, including prompt design and application to streamline business and technical processes
Key behavioral attributes/requirements
A proactive and self-motivated approach to work, with commitment to continuous learning and professional development
Ability to work well independently and as part of a team
Driven and enthusiastic with a pragmatic and solution-oriented mindset
Strong analytical mindset with structured problem-solving abilities
Excellent team player with ability to collaborate across cross-functional and client teams
Strong communication, presentation, and report writing skills
Ability to translate technical concepts into clear, business-aligned insights
Ability to work effectively with stakeholders across business and technology teams
High attention to detail and ability to manage multiple priorities in a dynamic environment
Adaptability and critical thinking in navigating evolving cyber, regulatory, and client requirements
Support delivery of cyber strategy, governance, risk, and compliance engagements across domains including cyber maturity assessment, risk quantification, policy and standards, risk frameworks, and regulatory assessments
Perform cyber maturity and risk quantification assessments using industry frameworks (e.g., NIST, ISO), including supporting current state analysis, gap identification, and development of target state insights
Assist in development of cybersecurity policies, standards, and procedures, and support design and implementation of risk management frameworks
Perform cyber framework, compliance and risk assessments, including control mapping, gap analysis, and evaluation of control design and effectiveness
Perform third-party risk assessments and related program activities, with exposure to data privacy and regulatory considerations
Prepare structured, client-ready deliverables aligned to engagement objectives and firm standards
Work with internal and client stakeholders to support workshops, interviews, and walkthroughs, and assist in communicating findings and recommendations
Collaborate with team members and contribute to engagement execution, timelines, and delivery quality
Support proposal development, methodology updates, and use of data-driven and AI-enabled tools to enhance analysis and reporting
Stay updated on emerging cyber threats, regulatory changes, and industry practices