Job Overview

Job Description
Do Work That Matters - Your Role and Responsibilities
Do you want to do work that is truly meaningful and impactful? At KPMG, you'll have the opportunity to help clients, society, and colleagues tackle and solve the most current and complex challenges. KPMG Advisory offers consulting services to businesses to support them in business model transformation, process improvement and digitalization, risk analysis and management, as well as extraordinary finance operations.
Specifically, by joining the Cyber & Tech Risk Team in Milan, you will work with our ICT security experts to help clients address the cyber risks that threaten their business. You will collaborate on significant projects for market-leading companies.
You will be responsible for:
AI Cyber Tooling
- Scouting and evaluating AI solutions for cybersecurity (e.g., threat intelligence analytics, anomaly detection, vulnerability management, code/security scanning).
- Technical and risk due diligence: architectures, model security, privacy and compliance (EU AI Act, NIS2, DORA, GDPR), vendor risk and supply chain.
- Defining assessment frameworks, scoring criteria, KPI/KRI and effectiveness metrics (precision/recall, false positives), TCO/ROI and business cases.
- Managing PoCs/pilots with clients: success criteria, results measurement, integration with SIEM/EDR/IAM, design of SOC playbooks and operational runbooks.
- Developing alliances and partnerships with vendors and startups in the AI field: co-creation, joint go-to-market, support for contracts and partnerships, commercial enablement.
AI Risk & Governance
- AI Risk Assessment: identification and management of specific threats (prompt injection, jailbreak and data exfiltration, model poisoning/evasion, supply chain and dependencies, privacy leakage, bias and ethical impacts).
- AI Governance: definition of policies, processes, and controls; roles and responsibilities; AI system registration; guardrails and content filtering; red teaming and secure-by-design.
- Implementation of reference frameworks: NIST AI Risk Management Framework, ISO/IEC 23894 (AI risk management), ISO/IEC 42001 (AI management system), EU AI Act (gap analysis, readiness and roadmap), integration with NIST CSF/COBIT/ISO 27001.
You will be involved in both national and international projects, collaborating with highly qualified professionals, and working closely with our Financial Services sector clients, including banks, insurance companies, and investment firms, contributing to the management of IT risks, governance, audit, privacy, and information security.
As You Are - Your Skills and Characteristics
To be the ideal candidate, you must have:
- 5 to 8 years of experience in consulting firms in the Cyber security field, with proven exposure to projects on AI Security, AI Governance, or “AI for Cyber”;
- Knowledge of the main standards: ISO/IEC 27001, NIST CSF, COBIT, ITIL; and AI frameworks: NIST AI RMF, ISO/IEC 23894, ISO/IEC 42001, EU AI Act; sector regulations (NIS2, DORA, GDPR);
- Good knowledge of the main technological areas and/or specific solutions related to the areas highlighted above;
- Degree in Computer Engineering, Telecommunications Engineering, or Computer and Information Sciences;
- Excellent knowledge of the English language, preferably supported by study or work experience abroad;
- Strong aptitude for innovative technological topics.
Your Future With Us - What you will find at KPMG
- An inclusive, equitable environment that respects, encourages, and values diversity.
- A stimulating and dynamic context that fosters creativity and teamwork.
- Hybrid work arrangements to promote a healthy work-life balance.
- Advanced training and development programs to stay up-to-date.
- International mindset and innovative projects.
- Initiatives focused on psychophysical well-being.
Together for Better – Our Values and Commitment
Leadership, teamwork, respect for individuals, continuous learning, transparency, commitment to the community, and integrity: these are the values of KPMG that bring to life an environment open to the exchange of ideas and personal and professional growth. Thanks to our commitment to an inclusive work environment, we have obtained ISO 30415 (Diversity and Inclusion Management) and UNI PdR 125 (Gender Equality) certifications. Discover all our actions in Our Impact Plan (kpmg.com), which describes our initiatives on environmental, social, and governance (ESG) issues.
Join Us!
Your data will be processed in full compliance with the provisions of Regulation (EU) No. 679/2016 (General Data Protection Regulation -
How to Get Hired at KPMG Italy
- Tailor your resume: Highlight AI security, governance, and risk management experience. Emphasize your degree and English proficiency.
- Showcase your expertise: Detail projects involving AI Cyber tooling, AI Risk & Governance, and relevant compliance frameworks (EU AI Act, NIS2, DORA, GDPR).
- Demonstrate technical skills: Articulate your knowledge of ISO/IEC 27001, NIST CSF, COBIT, ITIL, and AI frameworks like NIST AI RMF.
- Highlight your impact: Quantify achievements in risk assessment, solution evaluation, and client project success.
- Prepare for interviews: Be ready to discuss innovative tech solutions and your experience in hybrid, international environments.