KPMG is looking for a highly motivated Cloud Security Engineer possessing hands-on technical expertise in Azure and AWS cloud environments. This is a key role within our Information Security team and will work closely with other teams within Information Technology Services, such as Architecture, Infrastructure and Operations.
The Cloud Security Engineer will be primarily responsible for engineering, monitoring and operating cloud security solutions. The Engineer will also be responsible for identification, investigation, and resolution of security breaches detected by cloud security monitoring systems.
The Cloud Security Engineer’s responsibilities also include contributing to the creation and maintenance of cloud security operational frameworks, policies, standards, baselines, guidelines, and procedures as well as monitoring compliance of cloud service providers.
- Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing solutions in accordance with the firm’s Global Information Security Policy.
- Evaluate new cloud security solutions and vendors to ensure they meet existing security standards.
- Enhance and integrate secure cloud solutions into our Managed Cloud Platforms.
- Be the subject matter expert on cloud security operations.
- Monitor, troubleshoot, and improve current security solutions for stability, reliability, and performance against our security baselines.
- Maintain up-to-date, detailed knowledge of new or updated security solutions, enhanced security processes, and the development of new attacks and threats.
- Recommend security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Expertise with orchestration/ automation tools like Ansible and code management tools (GIT), GitLab.
- Good understanding of IT technologies and practices (DevSecOps, CI/CD).
- Working experience with CIS benchmarks, ISO27k, NIST 800-53 V4 and OWASP Top 10
- Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (e.g. security tools) or in-direct control (e.g. workstations, servers, network devices).
- Design and implement new cloud security tools/solutions within SecOps processes as per established security baselines.
- Review logs and reports of all in scope logging devices, whether they be under direct control (e.g. security tools) or in-direct control (e.g. workstations, servers, network devices). Interpret log results and devise plans for appropriate resolution.
- Formulate cloud incident response procedures and participate in investigations for cloud incidents.
- Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.
- Provide on-call support for end users for all in-place security solutions.
Vacancy Type: Full Time
Job Location: Edmonton, CA
Application Deadline: N/A