Senior Cloud Security Engineer securing public cloud platforms and services in the financial industry. Collaborating with teams to enhance security posture and ensure compliance in cloud environments.
About the role
- Security Engineer driving modernization and improvements in KPMG's cybersecurity services. Engaging in technology evaluation, process innovation, and stakeholder communication.
Responsibilities
- Drive modernization and continuous improvement within the services aligned with Security Posture Management
- Monitor emerging cybersecurity technologies, frameworks, and automation tools relevant to attack surface management
- Assess applicability of AI/ML, predictive analytics, and orchestration platforms for vulnerability and insecure configuration prioritization and remediation
- Identify gaps in current workflows and propose enhancements
- Assist with the development of proof-of-concept (PoC) projects for new tools and processes, ensuring compatibility with enterprise architecture
- Design integration strategies for new technologies with existing monitoring, ticketing, and reporting systems (e.g., MDC, Qualys, ServiceNow)
- Collaborate with engineering and IT teams to operationalize automation for vulnerability detection and remediation
- Communicate technical concepts and business value to executive leadership and non-technical stakeholders
- Prepare ROI analyses and business cases for proposed innovations
Requirements
- Strong experience in cloud-centric cybersecurity with a focus on vulnerability management or threat management
- Bachelor’s degree in a related field (e.g. Computer Sciences, Computer Engineering, Information Technology and Security) or equivalent work experience
- Proven track record of leading innovation or transformation projects in security operations
- Experience presenting technical solutions and ROI to technical and executive audiences
- Strategic thinker with strong problem-solving and conceptual skills
- Ability to work independently and influence cross-functional teams
- Strong understanding of vulnerability management lifecycle (identification, prioritization, remediation)
- Understanding of identity lifecycle management
- Understanding of Data lifecycle management
- Understanding of various Security Posture management tooling – CSPM, SSPM, Qualys
- Familiarity with CVSS scoring, EPSS predictive models, and MITRE ATT&CK framework
- Knowledge of cloud security (Azure, GCP, AWS) and container security (Kubernetes, Docker)
- Exposure to Wiz Programming & Automation
- Experience with CI/CD pipelines and integration of security tools
- Experience with API integration
- Experience with agentic AI Data Analytics
- Ability to leverage data visualization and analytics tools for reporting trends and risk metrics (PowerBI, Azure Workbooks)
Benefits
- Flexible working arrangements
- Professional development opportunities
- Inclusion and diversity commitment
- Support for employees with disabilities
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Cybersecurity Metrics and Reporting Lead overseeing development of security metrics and dashboards. Collaborating with teams to improve cybersecurity program effectiveness and compliance tracking.
Senior Developer in Defensive Security for Clio, a leader in legal AI technology. Join a team to proactively tackle application security vulnerabilities and enhance security practices.
Intern role in emerging network systems at KBR Mission Technical Solutions. Focused on network interconnection problems and quality of service metrics in a collaborative environment.
Director of Product Security leading cybersecurity initiatives for medical devices at LivaNova. Ensuring patient safety and compliance with regulatory demands across product lifecycle.
Identity and Access Security Analyst at HII’s Newport News Shipbuilding focusing on SAP Security skills. Designing secure operating systems and conducting security assessments.
Senior Security Specialist ensuring compliance and security measures at Disney. Supporting audit processes and collaborating on risk assessments to enhance cybersecurity.
Risk Analyst supporting Keyloop’s Security Governance by managing information security risks. Identifying and monitoring risks while ensuring compliance with regulatory standards.
Cloud Security Engineer responsible for designing and implementing security controls for cloud environments at Keyloop. Ensuring secure adoption and compliance while working with platform and engineering teams.
IT Infrastructure & Security Engineer managing and developing network and server infrastructure at L - mobile. Collaborating on security measures and supporting internal audits in a hybrid role.