Cloud Monitoring & Compliance Engineer

Job description

About KPMG International

Together with more than 273,000 colleagues in 143 countries throughout our member firms, people at KPMG imagine big ideas and bring solutions to life for clients both big and small. A role with KPMG International will open a world of opportunity in your career.

KPMG International helps set the strategy and protects the reputation of this global organization of independent professional services firms providing Audit, Tax and Advisory services. We deliver value to our member firms and drive positive change in the communities we serve. By joining us you will gain a unique understanding of how a global organization operates and work on projects that impact the whole organization. From setting standards and best practices to developing innovative tech- enabled solutions for clients, you'll be part of a global team changing the way our business operates. We look forward to welcoming you to our team.

About this Global Group

Global Technology & Knowledge The core services provided by Global Technology & Knowledge are more crucial than ever to our future, as we enable KPMG’s digital transformation, provide trusted technology services, ensure security across the network and accelerate our Collective Strategy. Our ways of working are based on the principles of customer-centricity, communities of expertise, an optimized delivery model, flexibility, a culture of empowerment, and fulfilling careers. We are organized under five new ‘domains’: Technology Portfolio Delivery, Global Enterprise Technology, Technology Strategy & Blueprint, Global Information Security Group and Business Operations. This is an exciting time for us as we continue to drive technology excellence at the heart of Collective Strategy v3.0, and our GT&K colleagues all play a pivotal role in making this a success.

About this Team

As part of the Global Information Security Group (GISG), the Information Security Services (ISS) team which includes the Global Security Operations Center (GSOC) and the Vulnerability Attack Surface Defense (VASD) team helps defend KPMG and its clients from cyber-attacks, through timely detection, investigation and remediation of potential threats

Role summary

Cloud Monitoring and Compliance engineer provides visibility into the security and compliance across the entire cloud native technology stack within KPMG. Ensuring configuration and compliance guardrails are being adhered to and that the data and systems deployed within the cloud environments are safe and secure. The position will require in-depth working knowledge of securing cloud environments following industry standards and best practices. Responsibility includes installation, management, maintenance and support of GSOC tools hosted on Windows platform in DataCentre, Azure and O365. Working for GSOC alongside a team of highly motivated and experienced network/security engineers, cyber security analysts and security architects, the successful candidate will be required to support cloud monitoring and compliance over KPMG multi[1]cloud environments. You will have a wide range of responsibilities which will include:

• Analysing requests associated with the MDC Product alerts (associated with CWP & CSPM) from impacted internal clients.
• Customising and enhancing Cloud Security Posture Management and Cloud Workflow Protection (Microsoft Defender for Cloud features) to meet KPMG specific requirements.
• Onboarding additional Tenants and cloud hosting providers to the service.
• Planning and implementation of automated remediation activities.
• Liaising with vendors to fully realise investment into their products and influence future roadmaps.
• Day to day management, troubleshooting and housekeeping of the toolsets.
• Collaborating with other GISG teams to understand their requirements and look for new opportunities for the Service.
• Ensuring work is completed in such a way to comply with established compliance and other internal control requirements.
• Using DevOps to record all project tasks

Key Accountabilities

• Analysing requests associated with the MDC Product alerts (associated with CWP & CSPM)
• from impacted internal clients.
• Customising and enhancing CSPM and CWP Cloud features to meet KPMG specific
• requirements.
• Planning and implementation of automated remediation activities
• Liaising with vendors to fully realise investment into their products and influence future roadmaps.
• Onboarding additional Tenants and cloud hosting providers to the service.
• Day to day management, troubleshooting and housekeeping of the toolsets

Experience / Qualifications

• Solid IT experience including working with a major cloud service provider.

• Bachelor’s Degree from an accredited college or university or equivalent work experience. Preferably in Computer Science or related field.

• Robust technical and implementation knowledge of Cloud Security Posture Management technologies (Microsoft MDC, Twistlock, Redlock).

• Experienced in securing cloud environments and cloud systems, including topics around certification and compliance.

• Good understanding of API based security & compliance standards.

• Understanding of exploits, malware, ransomware, etc. their creation and activation and detection methods. • Knowledge of web application architecture and system administration.

• Experienced building complex custom RQL, KQL or SQL queries.

• Experienced with Microsoft Azure, AWS or GCP installation, configuration, and administration of security features and services.

• Programming experience with Python or PowerShell

Agile/Flexible Working

At KPMG International, we are supportive of helping you to achieve a balance between your home and work demands. We are happy to discuss individual requirements and our range of flexible working arrangements could be of interest. Please ask to find out more.

KPMG International's commitment to inclusion & diversity

At KPMG International, we recognise that we need inclusion and diversity to be successful. We want to attract, retain and develop diverse talent at all levels. This means recruiting from the widest pool of talent across our network and beyond, removing barriers that can prevent our people from reaching their full potential, and fostering a fully inclusive environment which empowers everyone to bring their whole selves to work.

Applying with a disability

KPMG International is proud to be an inclusive place to work and we are committed to ensuring that you are treated fairly throughout our recruitment process. Should you be successful after the initial application stage, please discuss any reasonable adjustments that you may require with your recruitment contact.