Associate Director, Cloud Security Architect

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Seramount, Fair360 and others. If you're as passionate about your future as we are, join our team.

KPMG is currently seeking an Associate Director, Senior Cloud Security Architect to join our Global Information Solution Group which is part of KPMG International.

• Incorporate security best practices and principles into application design and development, ensuring solution teams follow the secure solutions development lifecycle
• Develop high quality artifacts such as reference architectures, pattern documents, whitepapers and more, facilitating a repeatable and secure design of products and solutions
• Perform application threat modeling to identify potential security weaknesses and risks in application architecture
• Execute security assessments of systems and applications: design reviews, security test scoping, and complete risk assessments
• Create and maintain regular reports on security posture of applications and infrastructure, including assessment metrics, KPIs, vulnerabilities status
• Develop and maintain security standards, and guidelines to ensure compliance with relevant regulations

• Minimum ten years of recent experience with at least three of the following: Security Architecture, threat modelling experience, identity management and authentication, software development, cryptography, penetration testing, cloud security, mobile security, and network security
• Bachelor's degree in computer science from an accredited college/university or related field; or equivalent work experience
• Advanced knowledge and understanding of security engineering, system and network security, authentication and security protocols, cryptography, or application security
• Certifications such as CISSP, CISM, Azure Cybersecurity Expert, or equivalent are highly desirable with strong knowledge of cloud platforms (e.g. Azure, AWS, Google Cloud) and their security features
• In-depth understanding of cloud security principles, best practices and industry frameworks (e.g. CSA, CIS, NIST, ISO)
• Experience in security assessment tools, techniques and methodologies, integrating security into CI/CD solutions, enabling a secure delivery model (e.g. GitHub Actions)

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.

KPMG does not currently require partners or employees to be fully vaccinated or test negative for COVID-19 in order to go to KPMG offices, client sites or KPMG events, except when mandated by federal, state or local law. In some circumstances, clients also may require proof of vaccination or testing (e.g., to go to the client site).

KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them.

Los Angeles County applicants: Material job duties for this position are listed above. Criminal history may have a direct, adverse, and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above, as well as the abilities to adhere to company policies, exercise sound judgment, effectively manage stress and work safely and respectfully with others, exhibit trustworthiness, and safeguard business operations and company reputation. Pursuant to the California Fair Chance Act, Los Angeles County Fair Chance Ordinance for Employers, Fair Chance Initiative for Hiring Ordinance, and San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.