Cloud Monitoring & Compliance Engineer

Location: United Kingdom (fully remote)

About KPMG International

KPMG International, with over 273,000 colleagues across 143 countries, is dedicated to delivering innovative solutions and positive change through its audit, tax, and advisory services. Joining KPMG offers extensive career opportunities within a global organization that influences standards, develops technology solutions, and impacts communities worldwide.

About this Global Group

Global Technology & Knowledge supports KPMG’s digital transformation, security, and technology services. The group operates under five domains: Technology Portfolio Delivery, Global Enterprise Technology, Technology Strategy & Blueprint, Global Information Security Group, and Business Operations, focusing on technology excellence and strategic initiatives.

About this Team

The Global Information Security Group (GISG), through its Information Security Services (ISS) team, including the Global Security Operations Center (GSOC) and Vulnerability Attack Surface Defense (VASD), defends against cyber threats via detection, investigation, and remediation efforts.

Role summary

The Cloud Monitoring & Compliance Engineer ensures visibility into security and compliance across KPMG’s cloud-native technology stack. Responsibilities include managing GSOC tools on Windows, Azure, and O365 platforms, supporting multi-cloud environments, and implementing security best practices. Key duties include:

1. Analyzing MDC Product alert requests related to CWP & CSPM.
2. Customizing and enhancing Cloud Security Posture Management and Microsoft Defender for Cloud features.
3. Onboarding new tenants and cloud providers.
4. Planning and executing automated remediation activities.
5. Liaising with vendors to optimize product use and influence roadmaps.
6. Managing, troubleshooting, and maintaining security tools.
7. Collaborating with GISG teams to identify new service opportunities.
8. Ensuring compliance with internal controls and standards.
9. Utilizing DevOps practices to document project tasks.

Key Accountabilities

• Analyzing MDC Product alerts and client requests.
• Enhancing CSPM and CWP features to meet KPMG requirements.
• Implementing automated remediation.
• Engaging with vendors for product development and roadmap influence.
• Onboarding tenants and cloud providers.
• Maintaining and troubleshooting security tools.

Experience / Qualifications

• Extensive IT experience with major cloud providers.
• Bachelor’s degree in Computer Science or related field, or equivalent experience.
• Strong knowledge of Cloud Security Posture Management tools (e.g., Microsoft MDC, Twistlock, Redlock).
• Experience securing cloud environments, including compliance and certification.
• Understanding of API security and standards.
• Knowledge of exploits, malware, and detection methods.
• Proficiency in building complex queries (RQL, KQL, SQL).
• Experience with Azure, AWS, or GCP security configurations.
• Programming skills in Python or PowerShell.

Agile/Flexible Working

KPMG supports flexible working arrangements to help balance work and home life. Contact us to learn more about our flexible policies.

KPMG’s commitment to inclusion & diversity

We value diversity and inclusion, aiming to attract, develop, and retain talent from varied backgrounds. We foster an inclusive environment where everyone can thrive.

Applying with a disability

We are committed to fair treatment during recruitment. Please discuss any reasonable adjustments needed with your recruitment contact.