AI Squad - Cloud Security Engineer
Aberdeen
Applications have closed
Cloud Security Engineer
Location: UK (any office)
The Team
The KPMG Audit Technology team is dedicated to building cutting-edge solutions in close collaboration with the Audit function. We blend audit expertise with the latest technology, enabling us to understand the challenges our customers face daily and develop indispensable products that simplify their lives while promoting Audit Quality.
As a crucial member of the team, you will collaborate with a talented mix of Product Owners/Managers, Solution, Cloud and Enterprise Architects, Experience Designers, Business Analysts, and Testing specialists. Together, we build, deliver, and manage a portfolio of truly exciting products.
In recent years, our products' size and scale have rapidly expanded, leading to significant growth in our technology capability. There's never been a better time to join us.
With our ambitious growth plans, your future here is something to get excited about. As a valued team member, you'll be expected to stay current with the tech field and the latest trends in Audit delivery.
The Role
As the Azure security subject matter expert, you will provide leadership and direction to the Clara Data Solutions product engineering team to ensure secure controls and practices are designed and implemented in accordance with KPMG security policies. You will act as a single point of contact between the team and the Firm’s wider security departments, maintaining a close relationship with the Security Architecture team to ensure that the implementation of security processes within Data Solutions aligns to KPMG’s agreed trust and verify framework and guidelines.
In this delivery-focused Security Engineer role, you will have the exciting opportunity to manage multiple workstreams simultaneously. Your responsibilities will encompass overseeing the secure development and deployment of Azure-based solutions, actively participating in security audits, and contributing to the continuous improvement of security measures within Clara Data Solutions. As a key player in our security strategy, you will play a pivotal role in fortifying our systems against potential threats, ensuring the resilience of our security infrastructure, and promoting a culture of security awareness throughout the organization.
Responsibilities
- Interpret business requirements into technical deliverables and clearly communicate security risks to relevant stakeholders ranging from business leaders to risk analysts.
- Design and implement technical security controls to safeguard infrastructure, applications, and data.
- Develop, document, and maintain security processes and plans per KPMG’s trust and verify framework.
- Lead and manage the performance of threat modelling exercises for our products.
- Champion and coach cloud security principles across our product engineering team.
- Manage escalations of security related issue, risk or exceptions.
- Lead Clara’s relationships with central security teams (Security Architecture, SecQA and SOC) and contribute to communities of practice.
- Ensuring that appropriate logging of is ingested into our corporate SIEM for SOC monitoring.
- Lead Clara’s response to incidents and risks raised by the SOC.
- Provide specialist technical input to conversations with client security teams around security architecture at KPMG.
Skills and experience
- Excellent understanding of security controls within Azure environments
- Previous experience developing cloud-native applications using infrastructure-as-code best practices.
- Experienced in assessing and securing containerized applications (Docker and Kubernetes security)
- Experienced in conducting security assessment of cloud-based environments, API's and Web Applications.
- Experience in managing infrastructure as code (IaC) (ideally Terraform) and CI/CD pipelines.
- Experience in Implementing automated compliance and security checks via Azure Policies or other tooling.
- Confident in using Git based source control.
- Comfortable with a modern languages (Java, Python, Go, JavaScript, etc.)
- Up-to-date knowledge of common security weaknesses and associated mitigations within cloud environments
- Ability to pragmatically introduce security controls
- Strong communication skills and the ability to work with all stakeholders
- Autonomy and initiative in identifying and resolving problems across the business
Ideally, you will also hold the following certifications:
- CISSP
- Azure Security Engineer Associate AZ-500
- Cybersecurity Architect Expert SC-100
- Security Operations Analyst Associate SC-200
- Microsoft Identity and Access Administrator SC-300
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Audits Azure CI/CD CISSP Cloud Compliance Docker Java JavaScript Kubernetes Monitoring Python Security assessment Security strategy SIEM SOC Strategy Terraform
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Information System Security Officer jobs
- Open Security Consultant jobs
- Open Information Systems Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Security Architect jobs
- Open CISA-related jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open Kubernetes-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open SQL-related jobs
- Open PowerShell-related jobs