Associate Director, Cloud Security Lead – Africa at KPMG

Job Description

KPMG is a professional service company, being one of the Big Four auditors, along with Deloitte, EY and PwC. Seated in Amsterdam, the Netherlands, KPMG employs , people and has three lines of services: audit, tax, and advisory.

Position Summary

At KPMG, you’ll join a team of diverse and dedicated problem solvers, connected by a common cause: to turn insight into opportunity for clients and communities around the world. As the Cloud Security Lead, you will lead a team to provide technical guidance to customers adopting Cloud services. You will provide best practices on secure foundational cloud implementations, automated provisioning of infrastructure and applications, cloudready application architectures, and more. You will assist customers in migrating, building, modernizing, and maintaining applications in the Cloud. This role seeks an experienced professional who will be responsible for helping our clients secure their cloud workloads and infrastructure and ensure adherence to compliance requirements. This is a Full Time, Hybrid Pan-African role, with responsibility for leading a team across the continent, and the resource will be based in either Johannesburg, Nairobi, or Lagos.

Roles and Responsibilities

Strategy

 Provide support to the Africa region around cloud security initiatives.  Leverage regional alliances with technology partners (e.g. Microsoft, Oracle, IBM, AWS, Google, etc.) to drive proactive leads generation, joint pitch, pipeline management and conversions where required.  Manage, expand, and scale a team of security architects and engineers.  Participate in the development and publication of thought leadership.  Leverage local and global KPMG artefacts, SMEs, and other network assets to advance the firm’s platform agenda.  Provide domain expertise in cloud security and compliance and be a trusted technical advisor to customers. Solve cloud security and compliance challenges.  Create and deliver best practices recommendations, tutorials, blog articles, sample code, and technical presentations adapting to different levels of business and technical stakeholders.

Client Impact

 Manage disparate executive stakeholders within customer environments to deliver consensus and lead positive customer outcomes.  Review and advise on best practices for security policies, procedures, and standards developed for client’s cloud infrastructure.  Provide subject matter expertise on security best practices and industry standards to the client’s technical teams.  Work with customers to design and develop cloud security architectures and solutions to meet and exceed their security requirements, through discussions, strategic presentations or recommendations, and implementation in Cloud environment.  Stay up to date with the latest cloud security threats, vulnerabilities, and countermeasures.

Finance

 Deliver on targets and goals (including sales goals).  Provide annual budget input for the area of responsibility for approval and integration into service line/ growth area budget.  Manage the annual budget, including costs for designated area.

Qualifications, Experience and Skills

The ideal candidate has:

 Bachelor’s or Master’s degree in Computer Science, Electrical Engineering, Computer Engineering, Information Technology, or any other relevant field.  Minimum of 10 years’ experience in cloud security or related security roles.  Strong technical knowledge of cloud computing platforms such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).  Expertise in cloud security tools such as CloudTrail, CloudWatch, Security Hub, GuardDuty, and Azure Security Center.  Experience in technical consulting and working with crossfunctional teams and customers.  Experience in Cloud Security delivered within the context of internal or customer facing roles.  Experience in recruiting and managing a team of experienced engineers on projects.  Strong knowledge of network security concepts such as firewalls, intrusion detection and prevention systems (IDPS), and virtual private networks (VPNs).  Expertise in security incident response, including incident detection, analysis, containment, and recovery.  Familiarity with security testing tools and techniques such as vulnerability scanning, penetration testing, and threat modeling.  Experience with security information and event management (SIEM) systems, especially within the context of monitoring cloud environments.  Knowledge of authentication and authorization mechanisms such as OAuth, SAML, and LDAP.  Experience with security compliance frameworks such as SOC 2, relevant data privacy regulations, PCI-DSS etc.  Knowledge of container security and experience with container orchestration platforms such as Kubernetes.  Experience with Infrastructure-as-Code (IaC) tools such as Terraform and CloudFormation.  Strong communication and interpersonal skills to communicate technical information to both technical and non-technical stakeholders.  Experience leading cloud security projects and managing security teams.  Strong knowledge of cloud security best practices and industry standards.  Confident, tactful, and able to effectively influence others and deal effectively with senior leaders.  Critical thinking, presentation and analytical skills will be an advantage.  Strong communicator, including listening skills with an ability to translate insights across business and technology teams and to develop and present new ideas and conceptualize new approaches and solutions.  Strong team and work ethic, comfortable with ambiguity, change and challenge.

We offer:

An exciting opportunity to work with a Big 4 firm on cutting edge infrastructural development across Africa. Continuous learning and development. Exposure to multi-disciplinary client service teams. Unrivalled space to grow and be innovative.