Share this Job

Technical Security Consultant

Date: Jul 6, 2021

Location: London, United Kingdom

Company: KPMG UK

Technical Security Consultant – C Grade

This role is in the Security Advisory and Assessment (SAA) team, within the KPMG UK Information Security function. The SAA team are critical in the assessment, development and delivery of innovative, technology-enabled secure solutions for KPMG and our clients. The SAA team is vital to KPMG’s ability to demonstrate that we are delivering ‘secure by design’ solutions so that our business stakeholders, our clients and our regulators trust KPMG.

The role involves advising on technical security aspects of business products that are considered, evaluated or implemented by Enterprise wide and Technology engineering teams. The service works across KPMG to offer advice on varied business products and IT solutions (i.e. products).

The Technical Security Consultant will:
• Work with programmes and projects to help deliver solutions that meet the business need, including any client contractual security requirements, and are compliant with the Enterprise Security Architecture principles – ensuring all applicable controls and patterns are implemented;
• Provide technical security direction to programmes and projects you are working with;
• Provide risk or threat-based advice to programme stakeholders along with actionable recommendations where necessary;
• For the project assigned, manage the overall security assessment and testing process (such as penetration testing) – working with security testing vendors;
• Deliver advice and support for information risk assessments. You will also support security remediation, investigations, and vulnerability management as part of the wider Information Security team;
• Create easy to understand documentation and reviewing documentation when required;
• Help improve Enterprise Security Architecture by providing feedback from practical experiences from projects, including - although not limited to - making Enterprise Security Architecture artefacts easier to use and developing patterns;
• Work towards and achieve or extend professional certifications as part of personal development;
• Share experiences with others to assist their learning and understanding.

The Person
You must:
• Have worked in at least one of:
o An operational security role;
o Secure application development;
o Vulnerability management;
o Solution or infrastructure design or
o Security auditor or assessor.
• Experience and knowledge in securing digital products/solutions in the Cloud (e.g. in AWS, Azure and Google);
• Be able to demonstrate the ability to adapt communication style to explain technical concepts to different people within an organisation whether advising stakeholders, directing teams or sharing experience; and
• Experience of successfully working in a fast paced, customer service environment, delivering high quality information security services;
• Be calm in challenging situations, able to navigate through complex security problems to find the root cause and a balanced outcome.

It would be advantageous if you can demonstrate some, or all of:
• Experience and knowledge of container or serverless platforms;
• Experience in costing and estimating solutions from an information security perspective;
• Any security certification.

Job Segment: Application Developer, Information Security, Security, Technology