Skip to main content
Posted 04 July, 2026

Cyber S&G Assistant Manager

KPMG
Bangalore,Karnataka,IN,560103 Full Time
Reference: 218_549848_30047212

Profile:

Assistant Manager - Cyber Strategy & Risk

Experience:

7 to 10 years in Cyber

Educational qualifications

Bachelor's degree in Information/ Cyber Security, Computer Science, Engineering, Business or related fields, from an accredited college/university or equivalent experience
Preferred Professional Certifications: CISSP, CISM, CISA, CRISC, ISO 27001 LA, ISO 22301 LA, ISO 42001 LA

Work experience

7-10 years of relevant cybersecurity experience, with focus on strategy, governance, risk, and compliance in a consulting environment (preferably Big 4 or equivalent)
Proven experience in a client-facing role with demonstrated ability in leading projects and supervising team members.

Mandatory technical & functional skills

Strong knowledge and hands-on experience with cybersecurity frameworks and standards including ISO 27001, ISO 22301, NIST CSF / NIST 800-53, CIS, and Cybersecurity Maturity Model
Demonstrable experience in delivering three or more of the following: cyber maturity assessments, cyber risk quantification, cybersecurity development, or policy/standards/ framework development and third-party security risk assessment
Experience in performing framework and compliance assessments, including control mapping, gap analysis, and evaluation of control design and effectiveness
Proven experience in developing and reviewing cybersecurity policies, standards, procedures, and frameworks
Ability to identify gaps and risks, translate and communicate technical cyber findings and risks into business-aligned insights and actionable recommendations for technical and business stakeholders
Strong understanding of IT and enterprise environments, including infrastructure, applications, and key security domains (e.g., IAM, data security, cloud security)
Proficiency in managing multiple engagements and deliverables, with experience in project planning, execution, stakeholder coordination, and quality review of outputs
Ability to assess complex environments, deliver pragmatic solutions, supported by working knowledge of evolving cyber and regulatory landscape
Ability to use Generative AI tools and AI agents for automation, research, and content generation, with a critical, responsible, and ethical approach, including prompt design and application to streamline business and technical processes

Key behavioral attributes/requirements

A proactive and self-motivated approach to work, with commitment to continuous learning and professional development
Ability to work well independently as well as part of a team
Driven and enthusiastic with a 'can-do' attitude and a strong sense of ownership to get the job done in a pragmatic fashion
Strong analytical mindset with structured problem-solving abilities
Excellent team player with ability to collaborate across cross-functional and client teams
Strong communication, presentation, and report writing skills
Ability to translate complex technical concepts into clear, business-aligned insights
Team leadership and mentorship skills, with ability to guide and review junior team members
Strong stakeholder management skills with ability to engage effectively with business and technology stakeholders
High attention to detail and ability to manage multiple priorities in a dynamic environment
Adaptability and critical thinking in navigating evolving cyber, regulatory, and client requirements
Deliver end-to-end cyber strategy, governance, risk, and compliance engagements across domains including cyber maturity assessment, risk quantification, policy and standards, risk frameworks, and regulatory assessments
Perform cyber maturity and risk quantification assessments using industry frameworks (e.g., NIST, ISO), including current state analysis, gap identification, target state definition, and translation of cyber risks into business insights
Develop cybersecurity policies, standards, and procedures, and support design and implementation of risk management frameworks, including governance structures, risk taxonomy, and regulatory alignment
Execute cyber framework, compliance and risk assessments, including control mapping, design and effectiveness testing, and support remediation and control optimization
Support third-party risk assessments and related program enhancements, with working familiarity in data privacy regulations and privacy risk considerations
Prepare high-quality, client-ready deliverables aligned to engagement objectives and firm standards
Work closely with client stakeholders to conduct workshops, interviews, and walkthroughs, and communicate findings and recommendations in a clear and structured manner
Oversee and guide consultants, review work outputs for quality, and support engagement planning, lead execution, tracking, and adherence to timelines and delivery standards
Support proposal development, contribute to enhancement of methodologies and tools, and leverage data-driven and AI-enabled capabilities to improve efficiency of analysis and reporting
Stay updated on emerging cyber threats, regulatory changes, and industry practices, and contribute to knowledge sharing and capability development within the team

Sign up for Job Alerts