Senior Consultant -Security Architect

JOB DESCRIPTION

KPMG Cyber

KPMG has been acknowledged by Forrester as a leader in cybersecurity consultancy. We are expanding our cyber consulting team to meet growing demand and provide comprehensive services to many of the world's largest companies.

We help clients protect, detect, and respond to complex cyber threats; understanding the threat landscape, making informed investment decisions, and building capabilities to counter financial crime and other threats.

Cyber security for us is about enabling clients to harness digital opportunities safely and securely. It involves a holistic approach, engaging the entire business to understand and mitigate risks.

Our team collaborates with KPMG's broader advisory practice to connect cyber security with IT transformation and operational resilience.

You will serve as a Security Architect within the Cyber Transformation Capability, delivering high-quality consulting services to clients.

The ideal candidate will have extensive hands-on experience securing on-premise and cloud environments, network infrastructure, and endpoints. You should be capable of assessing and designing secure enterprise and hybrid architectures. Your work will involve a variety of challenging projects, helping clients safely leverage digital opportunities. As a Security Architect, you will advise clients on managing security risks across traditional, virtualized, and cloud environments, assess and recommend security architectures, automate security controls and risk reporting, and integrate security into digital customer journeys.

Clients face regulatory scrutiny and a rapidly evolving threat landscape. You should understand their world, the complexities of modern technologies, and translate complex cybersecurity issues into clear, credible, jargon-free advice, ensuring we deliver the support they need.

If you can help clients seize digital opportunities securely, you are the person we seek.

1. Deliver client engagements ensuring quality and value by:

• Understanding business challenges and cyber threats
• Navigating cybersecurity regulatory environments
• Advising on cybersecurity governance, frameworks, and operating models
• Optimizing cybersecurity controls and risk management
• Applying security architecture principles and industry best practices in cybersecurity transformation
• Designing layered security controls across IT architecture, including data centers, servers, storage, networks, and cloud hosting
• Translating business and regulatory requirements into technical security controls and architecture guidance
• Conducting Security Architecture Assessments in domains such as DevOps, encryption, network segmentation, firewalls, IDS/IPS, endpoints, etc.
• Advising on Zero Trust principles, especially for infrastructure and network security zones
• Linking cybersecurity to risk management, resilience, and IT transformation services for holistic client support
• Assessing the current maturity of Security Operations Centers using models like SOC-CMMI
• Delivering small to medium projects and participating in larger engagements
• Identifying business opportunities through understanding KPMG’s broader offerings
• Supporting presales and business development activities
• Building and maintaining professional client relationships
• Acting as a trusted advisor, role model, and upholding KPMG’s values of integrity

• Industry experience demonstrating understanding of client business, threats, and regulations (essential)
• Proven experience managing cyber risks, including assessment, analysis, and reporting
• Knowledge in security architecture, cloud security, DevSecOps, security assessments, IAM, security operations, etc.
• Experience in defining and implementing security controls across IT layers
• Expertise in designing, operating, and evaluating Cyber Security Operations Centers
• Experience with security controls in traditional data centers (VLANs, firewalls, proxies, NAC, VPNs)
• Experience in enterprise architecture and integrating legacy systems with modern controls
• Experience delivering cybersecurity services in a commercial environment
• Experience with cloud providers like Azure, AWS, OCI
• Ability to work under high pressure and motivate others
• Analytical problem-solving skills and solution-oriented mindset

• Degree qualification
• Cloud certifications (Azure, AWS, etc.)
• Recognized cybersecurity certifications (CISSP, CISM, etc.) or equivalent experience
• Architecture certifications (SABSA, TOGAF, etc.) preferred
• Vendor certifications (NSE-8, CCIE, PCNSE, etc.)
• Excellent written and verbal communication skills
• Ability to engage with senior organizational stakeholders