Security & Privacy Risk Business Analyst

  • Basis:  Full-Time
  • Closing Date:  11 Oct, 2023
  • Job Ref:  KMP-85042

Job Description

About KPMG in Malta
​KPMG in Malta is one of the leading providers of audit, tax and advisory services. Our vision is to be our clients’ clear choice, the employer of choice, and also to maintain the highest levels of trust by the community. Our work is client-centric, and we integrate innovative methodologies and deep expertise to deliver results. This translates into a high level of client satisfaction. Our experience ranges from multinationals to promising start-ups, private to public sector undertakings, local to international clientele. Our values remain at the heart of all we do, shared by all our firms in more than 140 countries. KPMG is the largest professional services provider in Malta, with over 750 employees.

​Our team supports the business in keeping their data safe. We are business enablers who seek to understand the requirements and assess according to the presented risk. We have strong tights with all the departments, most especially IT who enforce our policies. Management expects our team members to guide them in safeguarding their data in their ventures.

​The Role
We are seeking to recruit a Risk Business Analyst (Security and Privacy) for an integral role in bringing together the Information Protection and Privacy practices within the firm. The successful candidate will be working with the Information Protection and Privacy sections within the Risk Management department to enhance our internal processes and be the frontier of harmonization.

We will provide access to current tools, technologies, and support which will aid you in executing your responsibilities. We have extensive access to modern online training programs, and we will support time spent on this as well as conventional training towards a qualification.


  • ​Performing security, data and privacy impact assessments;
  • Systematically review such assessments for new and existing solutions;
  • Perform transfer impact assessments;
  • Design, implement, review and enforce policies and procedures;
  • Familiarise yourself with the firm’s policies;
  • Manage and track small projects to improve our security and privacy posture;
  • Support the team with risk assessments and questionnaires;
  • Support with internal audits;
  • Work closely with staff across the business to gather information on working practices to help improve the security and privacy processes;
  • Support the team with the education, awareness, and communications programme for our staff; and
  • Liaise with other teams within the firm to implement new measures.

What we are looking for

  • ​Knowledgeable on GDPR and applicable privacy laws and regulations​;
  • Competent in all MS Office applications;
  • Good at writing documentation;
  • Well-organised and capable of working without close supervision;
  • A good team player, with good communication skills and a determination to succeed;
  • A flair for drafting staff communications; and
  • Willing to learn new technologies and take on new responsibilities to grow their experience in different areas.

Qualifications and experience

  • ​2 or 3 years’ experience in information security and privacy​;
  • Bachelor of Science in Information Technology, or similar;
  • A strong technical background; and
  • Any knowledge of artifical intelligence will be considered as an asset.

What we offer

  • ​A Performance Manager to coach you, periodically review, and ensure that you will meet your business and personal development goals;
  • Buddy system;
  • Continuous learning through multiple online platforms;
  • Technical training and support;
  • Flexible working;
  • Health insurance;
  • A multicultural team;
  • Relocation package and immigration support where applicable.

Are you looking for a challenge and willing to learn? Apply now.