AI Squad - Cloud Security Engineer

Cloud Security Engineer

Location: UK (any office)

The Team

The KPMG Audit Technology team is dedicated to building cutting-edge solutions in close collaboration with the Audit function. We blend audit expertise with the latest technology, enabling us to understand the challenges our customers face daily and develop indispensable products that simplify their lives while promoting Audit Quality.

As a crucial member of the team, you will collaborate with a talented mix of Product Owners/Managers, Solution, Cloud and Enterprise Architects, Experience Designers, Business Analysts, and Testing specialists. Together, we build, deliver, and manage a portfolio of truly exciting products.

In recent years, our products' size and scale have rapidly expanded, leading to significant growth in our technology capability. There's never been a better time to join us.

With our ambitious growth plans, your future here is something to get excited about. As a valued team member, you'll be expected to stay current with the tech field and the latest trends in Audit delivery.

The Role

As the Azure security subject matter expert, you will provide leadership and direction to the Clara Data Solutions product engineering team to ensure secure controls and practices are designed and implemented in accordance with KPMG security policies. You will act as a single point of contact between the team and the Firm’s wider security departments, maintaining a close relationship with the Security Architecture team to ensure that the implementation of security processes within Data Solutions aligns to KPMG’s agreed trust and verify framework and guidelines.

In this delivery-focused Security Engineer role, you will have the exciting opportunity to manage multiple workstreams simultaneously. Your responsibilities will encompass overseeing the secure development and deployment of Azure-based solutions, actively participating in security audits, and contributing to the continuous improvement of security measures within Clara Data Solutions. As a key player in our security strategy, you will play a pivotal role in fortifying our systems against potential threats, ensuring the resilience of our security infrastructure, and promoting a culture of security awareness throughout the organization.

Responsibilities

• Interpret business requirements into technical deliverables and clearly communicate security risks to relevant stakeholders ranging from business leaders to risk analysts.
• Design and implement technical security controls to safeguard infrastructure, applications, and data.
• Develop, document, and maintain security processes and plans per KPMG’s trust and verify framework.
• Lead and manage the performance of threat modelling exercises for our products.  
• Champion and coach cloud security principles across our product engineering team.
• Manage escalations of security related issue, risk or exceptions.
• Lead Clara’s relationships with central security teams (Security Architecture, SecQA and SOC) and contribute to communities of practice.
• Ensuring that appropriate logging of is ingested into our corporate SIEM for SOC monitoring.
• Lead Clara’s response to incidents and risks raised by the SOC.
• Provide specialist technical input to conversations with client security teams around security architecture at KPMG.

Skills and experience

• Excellent understanding of security controls within Azure environments
• Previous experience developing cloud-native applications using infrastructure-as-code best practices.
• Experienced in assessing and securing containerized applications (Docker and Kubernetes security)
• Experienced in conducting security assessment of cloud-based environments, API's and Web Applications.

• Experience in managing infrastructure as code (IaC) (ideally Terraform) and CI/CD pipelines.
• Experience in Implementing automated compliance and security checks via Azure Policies or other tooling.
• Confident in using Git based source control.
• Comfortable with a modern languages (Java, Python, Go, JavaScript, etc.)
• Up-to-date knowledge of common security weaknesses and associated mitigations within cloud environments
• Ability to pragmatically introduce security controls
• Strong communication skills and the ability to work with all stakeholders
• Autonomy and initiative in identifying and resolving problems across the business

Ideally, you will also hold the following certifications:

• CISSP

• Azure Security Engineer Associate AZ-500
• Cybersecurity Architect Expert SC-100
• Security Operations Analyst Associate SC-200
• Microsoft Identity and Access Administrator SC-300