Security Architect

About The Position

Requirements

• 8 years of experience in IT and Information Security with 3 years of secure design and architecture in cloud and areas such as network and application security
• Bachelor’s or master’s degree in Information Technology, Computer Science, or a related work experience, or equivalent
• Previous security experience in a consultancy role collaborating with internal Technology, Project and Business teams
• Ability to lead security architecture discussions and articulate security recommendations with Project, Business and Technology teams in forums such as architecture review and like
• Ability to build, maintain and present roadmaps for Cloud security involving Cloud security tooling and concepts to Leadership and Business teams
• Experience interpreting business, technology, and threat drivers, and develop practical security roadmaps to deal with these drivers and providing guidance on building secure solutions
• Understanding of information security standards/practices (e.g., CSA CCM, ISO, PCI DSS, NIST CSF, NIST 800:53 etc.), and aspects related to data security protection
• Deep knowledge of cloud security posture management (such as PRISMA), cloud workload protection, Infrastructure as Code, secure logging, identity & access mechanisms, secure code management, data security in cloud, secure cloud configurations, security automation, SAST & DAST, Secure Code review analysis, AI Security, API security and serverless functions security, embedding security in CI/CD pipelines for Cloud environments such as Azure, AWS and GCP
• Applied knowledge of methodologies to conduct threat-modeling exercises on new applications and services
• Some out-of-hours support may be required
• This position requires written and oral fluency in English. The successful candidate will be required to support or collaborate with English-speaking colleagues or stakeholders nationally in our English speaking provinces while at KPMG.

Nice To Haves

• The ideal candidate will maintain one or more of the following certifications: CISSP, ISSAP, Azure Security Engineer Associate, Azure Solutions Architect Expert Certification, CISM, CISA, CCSP

Responsibilities

• Responsible for embedding security requirements and objectives into architecture lifecycle and DevOps as per business requirements, reviewing security in technical architectures for applications and products to ensure they meet security standards and creating security-embedded reference architectures that can be leveraged by technology functions across the firm to rapidly develop secure solutions in a multi-cloud environment
• Act as a subject matter expert in areas pertaining to DevSecOps and cloud security across (but not limited to) cloud platforms such as Azure, AWS and GCP. Provide security recommendations and SME guidance to application development, technology and business teams for their design & development initiatives
• Develop and maintain security architecture artifacts (models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.
• Liaise with developers to assess security for cloud applications through architecture reviews and code scans to determine confidentiality, integrity, or availability of the software
• Coordinate with DevOps teams to advocate secure coding practices and escalate concerns related to poor coding practices as necessary
• Support implementation of cloud security services, including identity and access management, API security, detective controls, infrastructure security and data protection
• Analyzing requirements for cloud security tools and technology and support selection and implementation of appropriate tools