You're using an older version of Internet Explorer that is no longer supported. Please update your browser.

Cloud Security Engineer

Toronto, ON
Full Time
15 hours ago

You've got big plans. We have opportunities to match, and we're committed to empowering you to become a better you, no matter what you do.

When you join KPMG you'll be one of over 200,000 professionals providing audit, tax, advisory and business enablement services across 154 countries.

With the support to do things differently, grow personally and professionally and bring your whole self to work, there's no limit to the impact you can make.

In this role, you will be a member of KPMG Canada's Cloud Centre of Excellence (CCOE) cross-functional team. This team will be responsible for promoting and enabling KPMG Canada's Cloud Transformation journey through service delivery leadership, advice and support.

Overview of the opportunity:

KPMG is looking for a highly motivated Cloud Security Engineer possessing hands-on technical expertise in Azure and AWS cloud environments. This is a key role within our Information Security team and will work closely with other teams within Information Technology Services, such as Architecture, Infrastructure and Operations.

The Cloud Security Engineer will be primarily responsible for engineering, monitoring and operating cloud security solutions. The Engineer will also be responsible for identification, investigation, and resolution of security breaches detected by cloud security monitoring systems.

The Cloud Security Engineer's responsibilities also include contributing to the creation and maintenance of cloud security operational frameworks, policies, standards, baselines, guidelines, and procedures as well as monitoring compliance of cloud service providers.

What you will do

  • Participate in the creation of firm security documents (operational frameworks , policies, standards, baselines, guidelines, and procedures) specific to cloud environments.

Acquisition & Deployment

  • Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing solutions in accordance with the firm's Global Information Security Policy.
  • Evaluate new cloud security solutions and vendors to ensure they meet existing security standards.
  • Enhance and integrate secure cloud solutions into our Managed Cloud Platforms.
  • Be the subject matter expert on cloud security operations.
  • Monitor, troubleshoot, and improve current security solutions for stability, reliability, and performance against our security baselines.
  • Maintain up-to-date, detailed knowledge of new or updated security solutions, enhanced security processes, and the development of new attacks and threats.
  • Recommend security solutions or enhancements to existing security solutions to improve overall enterprise security.

Nice to Have
  • Expertise with orchestration/ automation tools like Ansible and code management tools (GIT), GitLab.
  • Good understanding of IT technologies and practices (DevSecOps, CI/CD).
  • Working experience with CIS benchmarks, ISO27k, NIST 800-53 V4 and OWASP Top 10

Operational Management
  • Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (e.g. security tools) or in-direct control (e.g. workstations, servers, network devices).
  • Design and implement new cloud security tools/solutions within SecOps processes as per established security baselines.
  • Review logs and reports of all in scope logging devices, whether they be under direct control (e.g. security tools) or in-direct control (e.g. workstations, servers, network devices). Interpret log results and devise plans for appropriate resolution.
  • Formulate cloud incident response procedures and participate in investigations for cloud incidents.
  • Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.
  • Provide on-call support for end users for all in-place security solutions.
  • Security operations center (SOC) experience is desirable.

What you bring to the role

  • University degree in the field of Computer Science, Engineering or a related discipline .
  • 3+ years of Azure experience with cloud-based infrastructure
  • Experience with cloud-native security tools for IaaS, PaaS, micro-severs and serverless.
  • Extensive experience in securing operating systems, firewalls, networks, systems, databases and application architectures.
  • Experience with antivirus, IDS/IPS, WAFs, NSG, Express route, Application Firewalls.
  • Experience with Azure Security Center, Azure Monitor, Azure Sentinel
  • Strong understanding of IP, TCP/IP, and other network administration protocols.
  • Knowledge of security standards and regulations (NIST CSF, ISO 27K, CIS, CCM, SOC2)
  • 3+ years of experience in securing cloud solutions (IaaS/PaaS/SaaS)
  • 3+ years' experience in identifying security issues and risks, and developing risk mitigation plans.
  • Good understanding of cloud security threats.
  • Scripting or programming experience in Ruby, Python, Shell/BASH scripting, Java, C/C++, C#, Perl, or equivalent.
  • Cloud certifications such as Azure Fundamentals, Azure Security Engineer, AWS Technical Essentials are highly recommended or nice to have
  • Certifications such as but not limited to CISSP, CCSP, CCSK are highly recommended or nice to have

Personal Attributes
  • Proven analytical and problem-solving abilities.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment.
  • Good written, oral, and interpersonal communication skills.
  • Ability to conduct research into IT security issues and products as required.
  • Highly self-motivated and detailed oriented.
  • Team-oriented and skilled in working within a collaborative environment.

Our Values, The KPMG Way

Integrity, we do what is right | Excellence, we never stop learning and improving | Courage, we think and act boldly | Together, we respect each other and draw strength from our differences | For Better, we do what matters

KPMG in Canada is a proud equal opportunities employer and we are committed to creating a respectful, inclusive and barrier-free workplace that allows all of our people to reach their full potential. A diverse workforce is key to our success and we believe in bringing your whole self to work. We welcome all qualified candidates to apply and hope you will choose KPMG in Canada as your employer of choice.

If you have a question about accessible employment at KPMG, or to begin a confidential conversation about your individual accessibility or accommodation needs through the recruitment process, we encourage you to contact KPMG's Employee Relations Service team for support at email: or phone: 416-777-8002 or toll free 1-888-466-4778 Option 3.

For general recruitment-related inquiries, please contact the HR Delivery Centre at .

Information Technology