Cyber Security Innovation Engineer

Job description

About KPMG International Together with more than 276,000 colleagues in 138 countries throughout our member firms, people at KPMG imagine big ideas and bring solutions to life for clients both big and small. A role with KPMG International will open a world of opportunity in your career. KPMG International helps set the strategy and protects the reputation of this global organization of independent professional services firms providing Audit, Tax and Advisory services.

We deliver value to our member firms and drive positive change in the communities we serve. By joining us you will gain a unique understanding of how a global organization operates and work on projects that impact the whole organization. From setting standards and best practices to developing innovative tech‑enabled solutions for clients, you'll be part of a global team changing the way our business operates.

We look forward to welcoming you to our team.

The core services provided by Global Technology & Knowledge are more crucial than ever to our future, as we enable KPMG's digital transformation, provide trusted technology services, ensure security across the network and accelerate our Collective Strategy. Our ways of working are based on the principles of customer‑centricity, communities of expertise, an optimized delivery model, flexibility, a culture of empowerment, and fulfilling careers.

We are organized under five 'domains':
Technology Portfolio Delivery, Global Enterprise Technology, Technology Strategy & Blueprint, Global Information Security Group and Business Operations. This is an exciting time for us as we continue to drive technology excellence at the heart of Collective Strategy v3.0, and our GT&K colleagues all play a pivotal role in making this a success.

As part of the Global Information Security Group (GISG), the Information Security Services (ISS) team which includes the Global Security Operations Center (GSOC) helps defend KPMG and its clients from cyber‑attacks, through timely detection, investigation and remediation of potential threats.

The Security Posture Management Innovation Engineer will drive modernization and continuous improvement within the services aligned with Security Posture Management:

• Identity Security Posture Management
• Data Security Posture Management
• AI Agent Security Posture Management
• SaaS Security Posture Management
• Cloud Security Posture Management
• Vulnerability Posture Management

This role focuses on researching emerging technologies, designing innovative processes, and integrating new solutions into existing systems to enhance efficiency, scalability, and security posture. The individual will demonstrate measurable value to executive leadership by aligning initiatives with strategic business objectives.

• Monitor emerging cybersecurity technologies, frameworks, and automation tools relevant to attack surface management.
• Assess applicability of AI/ML, predictive analytics, and orchestration platforms for vulnerability and insecure configuration prioritization and remediation.

• Identify gaps in current workflows and propose enhancements.
• Assist with the development of proof‑of‑concept (PoC) projects for new tools and processes, ensuring compatibility with enterprise architecture.

• Design integration strategies for new technologies with existing monitoring, ticketing, and reporting systems (e.g., MDC, Qualys, Service Now).
• Collaborate with engineering and IT teams to operationalize automation for vulnerability detection and remediation.

• Communicate technical concepts and business value to executive leadership and non‑technical stakeholders.
• Prepare ROI analyses and business cases for proposed innovations.

• Strong experience in cloud‑centric cybersecurity with a focus on vulnerability management or threat management.
• Bachelor's degree in a related field (e.g. Computer Sciences, Computer Engineering, Information Technology and Security) or equivalent work…