Cloud Monitoring & Compliance Engineer
Location: United Kingdom (fully remote)
About KPMG International
KPMG International, with over 273,000 colleagues across 143 countries, provides Audit, Tax, and Advisory services. Joining KPMG offers a global career opportunity, exposing you to standards, best practices, and innovative solutions that impact the organization worldwide.
About this Global Group
Global Technology & Knowledge enables KPMG's digital transformation, ensuring security and delivering trusted technology services. Our principles include customer-centricity, expertise communities, flexible delivery, empowerment, and fulfilling careers. We operate under five domains: Technology Portfolio Delivery, Global Enterprise Technology, Technology Strategy & Blueprint, Global Information Security Group, and Business Operations. We are focused on driving technology excellence within our strategic initiatives.
About this Team
Part of the Global Information Security Group (GISG), the Information Security Services (ISS) team, including the Global Security Operations Center (GSOC) and Vulnerability Attack Surface Defense (VASD), defends KPMG and its clients from cyber threats through detection, investigation, and remediation.
Role Summary
The Cloud Monitoring & Compliance Engineer ensures visibility into security and compliance across KPMG's cloud-native technology stack. Responsibilities include managing configuration and compliance guardrails, securing cloud environments per industry standards, and supporting GSOC tools on Windows, Azure, and O365. Collaborating with security engineers, analysts, and architects, the role involves:
* Analyzing MDC Product alerts related to CWP & CSPM for internal clients.
* Customizing and enhancing Cloud Security Posture Management and Microsoft Defender for Cloud features to meet KPMG requirements.
* Onboarding new tenants and cloud providers.
* Planning and executing automated remediation activities.
* Engaging with vendors to optimize product investments and influence roadmaps.
* Managing, troubleshooting, and maintaining security tools daily.
* Collaborating with other teams to identify new opportunities and ensure compliance.
* Documenting all projects using DevOps practices.
Key Accountabilities
* Analyzing MDC alerts and client requests.
* Enhancing CSPM and CWP features for KPMG needs.
* Implementing automated remediation strategies.
* Vendor engagement and roadmap influence.
* Onboarding cloud tenants and providers.
* Tool management, troubleshooting, and housekeeping.
Experience / Qualifications
* Solid IT experience with major cloud providers.
* Bachelor's degree in Computer Science or related field, or equivalent experience.
* Strong knowledge of Cloud Security Posture Management tools (Microsoft MDC, Twistlock, Redlock).
* Experience securing and ensuring compliance in cloud environments.
* Understanding of API security standards.
* Knowledge of exploits, malware, ransomware, detection methods, and web architecture.
* Proficiency in building complex RQL, KQL, or SQL queries.
* Experience with Azure, AWS, or GCP security configurations.
* Programming skills in Python or PowerShell.
Flexible Working
KPMG supports work-life balance through flexible arrangements. Contact us to learn more about options available.
Inclusion & Diversity
We promote an inclusive environment, recruiting from diverse talent pools and removing barriers to allow everyone to reach their potential.
Applying with a Disability
We are committed to fair treatment and encourage candidates requiring accommodations to discuss their needs with us during recruitment.
#J-18808-Ljbffr