The world of global advisory, audit, and tax compliance services for large multi-nationals is rapidly changing and heavily dependent on technology.
The KPMG Delivery Network (KDN) is a KPMG special purpose member firm offering a way for clients to leverage KPMG top talent and technology platforms through regional teams of specialists, enabling economies of scale and a new way of working that expands beyond local capability.
Together with KDN, KPMG member firms can drive the sales and delivery of global solutions at a competitive price and in a repeatable and consistent manner. As a member of KDN, you'll be a part of the KPMG family, working alongside some of our profession's most skilled practitioners on rewarding programs and initiatives that are changing the way business operates, delivering value to our clients, and driving positive change in the communities we serve.
You'll be enabling KDN to accelerate new ways of working using cutting-edge technology and working together with our member firms, located in nearly 150 countries, to help us achieve our ambition to be the most trusted and trustworthy professional services firm.
And through your work, you'll build a global network and unlock opportunities that you may not have thought possible, with access to great support, vast resources, and an inclusive, supportive environment to help you reach your full potential.
Our KDN Bulgaria Cloud Services unit is focused on designing, building, securing, and managing cloud native & hybrid platforms for the KPMG group of member firms, as well as providing cloud advisory and engineering services to external clients.
We are currently seeking an experienced Technical Security Architect to support our NITSO in analyzing and securing new applications and solutions. This expert-level role encompasses all aspects of information security, from cloud security and network security to compliance and risk management. The Technical Security Architect should have hands-on experience with Microsoft Azure security tools and platforms, and will design and implement robust security architectures and policies for both cloud and on-premises environments, ensuring that security best practices are integrated at every stage of development and this position you will collaborate closely with cross-functional teams and leadership to maintain a strong security posture and swiftly address emerging threats.
This Technical Security Architect role offers an exciting opportunity to shape the security posture of new technologies and business solutions. The ideal candidate will be a proactive leader and problem-solver, capable of balancing technical security needs with business objectives and continuously driving improvements in our security environment.
Your Responsibilities:
- Security Assessments & Risk Analysis: Conduct thorough security assessments and risk analyses for new applications and solutions, identifying vulnerabilities and assessing potential impact.
- Secure Design & Integration: Collaborate with development, DevOps, and infrastructure teams to integrate security best practices into system design, architecture, and deployment pipelines.
- Policy Definition & Enforcement: Define, implement, and enforce security policies, standards, and procedures that align with the KPMG Global Security policies and industry best practices.
- Compliance & Frameworks: Implement and ensure compliance with security frameworks and regulations (e.g. ISO 27001, NIST CSF, GDPR), including documentation and audits as required.
- Architecture Design: Design end-to-end security architectures for both cloud (Azure) and on-premises environments, including network security controls, identity and access management, and data protection measures.
- Threat Modeling & Testing: Lead threat modeling exercises to anticipate potential attack vectors. Plan and oversee regular vulnerability assessments and penetration testing initiatives, and work with teams to remediate findings.
- DevSecOps & Secure Coding: Provide expert guidance on secure coding practices and DevSecOps integration, ensuring that security is built into the software development lifecycle (SDLC) and CI/CD processes.
- Security Strategy & Roadmap: Work closely with the NITSO to develop and update the organization's security strategy and technology roadmap. Recommend security investments and initiatives that address current and future risks.
- Threat Monitoring & Mitigation: Continuously monitor emerging security threats, news, and intelligence. Analyze potential impact on the organization and recommend proactive mitigation strategies or improvements to existing defenses.
- Incident Response & Investigation: Oversee the creation and maintenance of incident response the event of security incidents lead or support investigations, root-cause analysis, and coordinated response efforts to contain and recover from incidents.
What you bring in:
- 5 years as a Security Architect.
- Certifications: CISSP or CISM certification (required). An Azure security certification (e.g. AZ-500) is a strong advantage.
- Security Architecture Experience: At least 5 years of experience in a security architect or similar senior security role with a track record of designing and implementing security solutions.
- Cloud & Network Security: Extensive experience with cloud security (especially in Microsoft Azure environments and using Azure security tools) as well as securing on-premises networks and systems.
- Risk & Compliance Knowledge: In-depth knowledge of security risk management principles and familiarity with compliance standards/regulations such as ISO 27001, NIST, GDPR, and related data protection laws.
- Technical Security Skills: Proven experience in conducting threat modeling, performing vulnerability assessments, and overseeing penetration testing. Strong understanding of network security, identity and access management, encryption, and security monitoring/SIEM tools.
- DevSecOps & SDLC: Familiarity with DevSecOps practices and secure software development life cycle. Ability to guide development teams on secure coding standards and integrate automated security checks into CI/CD pipelines.
- Communication & Collaboration: Excellent communication and interpersonal skills. Ability to work collaboratively with cross-functional teams and effectively communicate security concepts to both technical and non-technical stakeholders. Experience supporting or advising executive leadership (e.g. working with a CISO) is a plus.
What we offer:
- The chance to work in a top talent team
- Attractive remuneration
- Build knowledge in cutting-edge technologies
- Opportunity for continuous training, learning, and certification
- Experience in an international and multicultural organization
- Work on challenging projects with clients in various industries around the globe
- Modern office environment
- Additional health insurance
- Life insurance
- 50 benefits and services to choose from
- Hybrid working policy