Job Description

Overview

At KPMG, you\'ll join a team of diverse and dedicated problem solvers, connected by a common cause: turning insight into opportunity for clients and communities around the world.

The opportunity:

KPMG Canada is looking for an experienced individual to fulfil the role of a Managed Services - Security Architect in our Information Technology Services team.

This is an exciting opportunity for an individual who has deep experience in multi-cloud technologies, solution architecture and security to spearhead our deep dive in DevSecOps and embedding security into solution architecture life cycle.

Security Architect will work with business clients, Architects and Senior team members to provide practical security solutions for multi-cloud-based platforms

Working with business, Security and other ITS technical team members, Security Architect will assist with technical security architectural requirements, design, and delivery. Work in a collaborative fashion with team members including security analysts, project managers, solution architects, business, and QA analysts. Provide technical consultancy and guidance, as needed, to other ITS teams as well as internal business service lines

What you will do

• Responsible for aligning and translating business requirements into secure solutions, reviewing technical architectures for applications and products to ensure they meet security standards and creating reference architectures that can be leveraged by technology functions across the firm to develop secure solutions in a multi-cloud environment.
• Perform assessment of existing platforms and processes to understand limitations and weaknesses to identify security challenges and identify opportunities for efficiencies, as well as for improvements in security controls
• Build secure architectures in Azure, AWS or GCP for defined workloads
• Participate and provide guidance in the design, development and delivery of technical security solutions that aligns to industry standards and business goals.
• Act as a subject matter expert in areas pertaining to DevSecOps and Cloud technology security with responsibilities to coach other members of the broader Technology Architecture function with ITS.
• Develop and maintain security architecture artifacts (models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.
• Provide analytical and technical security recommendations to other team members and stakeholders and identify requirements based upon need or as the result of a security issue that puts organizations systems at risk
• Conduct code reviews of applications to determine security flaws or other issues that would impact the confidentiality, integrity, or availability of the software.
• Coordinate with DevOps teams to advocate secure coding practices and escalate concerns related to poor coding practices to the Sr. Manager of Security or CISO
• Configure and implement cloud security services, including identity and access management, detective controls, infrastructure protection, and data protection.
• Analyzing requirements for security tools and technology (SIEM, Endpoint Protection, Vulnerability Management, DLP, other).

#li-remote

What you bring to the role

• 5+ years\' experience with architecting, designing, and implementing cybersecurity systems, solutions, and tools for on-premises with 2 years of experience in cloud environments.
• Bachelor\'s or master\'s degree in Information Technology, Computer Science, or a related work experience, or equivalent.
• Previous security experience in a consultancy role collaborating with internal ITS teams as well as business teams.
• Understanding of information security standards (e.g., ISO, PCI DSS, NIST CSF etc.), rules and regulations related to information security and data protection.
• Experience interpreting business, technology, and threat drivers, and develop practical security roadmaps to deal with these drivers.
• Experience in developing DevSecOps practices while focusing on securing open systems solutions.
• Experience with application security, experience with application integration, secured apps, embedding security with CI/CD pipelines, secure coding practices exposure, ability to run pen test.
• Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services.
• Full-stack knowledge of IT infrastructure:
  • Applications
  • Operating systems (Windows & Linux)
  • IP networks (WAN, LAN)
• Experience designing the deployment of applications and infrastructure into public cloud services (Microsoft Azure).
• Experience in building cloud architecture with Azure, using Azure Resource Manager, Azure IaaS, PaaS offerings
• Experience and understanding of Infrastructure as Code, Automation, and Orchestration
• Some out of hours support maybe required.
• The ideal candidate will maintain one or more of the following certifications
  • CISSP
  • ISSAP
  • Microsoft Azure Security Technologies Certification
  • Azure Solutions Architect Expert Certification
  • CISM
  • CISA
  • CCSP

Keys to your success:

KPMG individuals Deliver Impact | Seek Growth | Inspire Trust and understand that a diverse workforce enables us to deepen relationships and strengthen our business.

Providing you with the support you need to be at your best

For more information about KPMG in Canada\'s Benefits and well-being, click here

Our Values, The KPMG Way

Integrity , we do what is right | Excellence , we never stop learning and improving | Courage , we think and act boldly | Together , we respect each other and draw strength from our differences | For Better , we do what matters

KPMG in Canada is a proud equal opportunities employer and we are committed to creating a respectful, inclusive and barrier-free workplace that allows all of our people to reach their full potential. A diverse workforce is key to our success and we believe in bringing your whole self to work. We welcome all qualified candidates to apply and hope you will choose KPMG in Canada as your employer of choice. For more information about Inclusion, Diversity & Equity in Recruitment, please click here.

For general recruitment-related inquiries, please contact the HR Delivery Centre at cafmcdnhrsthotline@kpmg.ca.

If you have a question about accessible employment at KPMG, or to begin a confidential conversation about your individual accessibility or accommodation needs through the recruitment process, we encourage you to contact us at cafmcdnhrsthotline@kpmg.ca or phone: 416-777-8002 or toll free 1-888-466-4778.