Consulting, Cyber Strategy & Governance, Graduate Associate 2026

Job Description

At KPMG, your long-term future is every bit as important to us as it is to you. That’s why our aim is to give you experiences that will stay with you for a lifetime. Whether it’s great training and development, working across functional sectors, mobility opportunities or corporate responsibility volunteering activities – you’ll gain a wealth of experiences on which to build a rewarding career. We’re proud of our culture – it’s one that recognises hard work, encourages new ways of thinking and embraces diversity and inclusion. We have an innovative spirit which inspires what we do and how we do it – striving to be better lies at the heart of who we are. 

Technology underpins many of the most influential organisations in the world and presents opportunities for businesses that want to seek out new markets and are prepared to invest in transformational change. The last ten years have seen a rapid emergence of new technology, greater connectivity for organisations and individuals, and a 24/7 approach to global commerce. However, this has left many organisations behind the curve and struggling to achieve their business aspirations without feeling exposed to risks. 

We believe that by turning traditional thinking on its head, adopting a positive approach to managing risk, will set organisations free to achieve their business aspirations. 

KPMG Cybersecurity professionals assist clients to address their concerns around Confidentiality, Integrity, Availability and Privacy of their technology, business systems, and information assets. Using a holistic view of how Technology and Business integrate, the Cyber team performs technology-risk focused assessments, technology compliance, IT/operational process reviews, and design of information risk & cyber security solutions. 

We are looking for candidates to join a growing team to assist clients in the following area: 

KPMG Cyber Strategy and Governance (S&G) professionals advises senior executives, including CEOs, CISOs and CIOs, on establishing resilient and effective cybersecurity security. This team helps organizations design their cyber operating models and define strategic approaches that integrate people, processes, and technology. 
You will work across industries to assess cyber risks, shape policies, and roll out governance frameworks that align with business objectives and regulatory requirements. Key areas of focus of Cyber S&G team include: 
• Cyber Strategy development and implementation 
• IT Governance Access Management, 
• Business Continuity & Crisis Management
• Cyber laws & regulatory compliance
• Technology Risk Management, and Third-party Risk
• AI Trust, Risk, and Security Management (AI TRiSM), covering AI Governance, AI Security, and Data Privacy
Management and Data Security

⠀

The role involves:

• Assist in the development of cybersecurity strategies and operating models.
• Support assessments of clients’ cybersecurity maturity, governance structures, and risk exposure.
• Contribute to the design of policies, frameworks, and roadmaps that enhance cyber resilience.
• Conduct research on emerging cyber threats, regulatory changes, and industry best practices.
• Prepare client deliverables such as reports, presentations, and dashboards.
• Collaborate with cross-functional teams to support project delivery and client engagement.

The ideal candidate should possess:

Technical Skills: 
• Basic understanding of cybersecurity principles, including risk management, governance, and compliance.
• Familiarity with cybersecurity and governance frameworks such as NIST CSF, ISO 27001, or COBIT 
• Awareness of IT governance and access management concepts, including identity and access controls.
• Knowledge of business continuity and crisis management planning.
• Understanding of cyber laws and regulatory compliance, especially in the context of data privacy (e.g., GDPR, PDPA).
• Basic familiarity with cloud platforms (AWS, Azure, GCP) and their security considerations.
• Exposure to AI governance and data protection, including ethical considerations in AI use.
• Participation in cybersecurity competitions, clubs, or capstone projects would be advantageous
• Prior hands-on experience in developing and implementing AI/ML solutions would be considered a strong advantage.
• Relevant certifications in cybersecurity, AI/ML, data analytics would be considered an advantage. Candidates without certifications but with equivalent skills or willingness to obtain them are also encouraged to apply.

Soft Skills: 
• Strong analytical and problem-solving skills with the ability to think critically about risk and governance issues.
• Effective communication skills, both written and verbal, for documentation and stakeholder interaction.
• Team collaboration and willingness to work in cross-functional environments.
• Curiosity and eagerness to learn, especially in fast-evolving areas like AI and cybersecurity.
• Adaptability and resilience, especially in dynamic consulting environments.
• Time management and organizational skills to handle multiple tasks and deadlines.
• Initiative and self-motivation to pursue certifications, training, or side projects. 

#LI-BC1