National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

Internal Technical Security Consultant

KPMG
Reading
6 months ago
Applications closed

Related Jobs

View all jobs

Senior Security Consultant

Cyber Security Consultant

OT Cyber Security Consultant

Operational Technology Security Consultant

Cyber Security Consultant - GRC

Senior Cyber Security Consultant

Job description

Job Title: Technical Security Consultant

Grade:Manager (Grade C)
Location:All
Department:Security, EWT Function

Team

Security Architecture and Advisory (SAA) is part of KPMG UK Cyber Security, a first line of defence team within the Enterprise-Wide Technology function. The SAA team are critical in the assessment, development, and delivery of innovative, secure digital solutions for KPMG, our clients, and audited entities. The SAA team is vital to KPMG’s ability to demonstrate that we are delivering ‘secure by design’ digital solutions so that our business stakeholders, our customers, and our regulators trust KPMG.

 

Role

This role is within the Security Architecture Consultancy sub-team who provide specialist security advice collaborating with technical and business teams throughout the entire or part of a digital solution’s life cycle. The team owns and develops Security Patterns, Security Specifications, and the Threat Modelling Framework, to support secure technology innovation in a changing threat landscape. The purpose of this role is to advise on the technical security aspects of business products that are considered, evaluated, developed and implemented by technology teams across KPMG UK.

 

The Technical Security Consultant will:

Lead as an internal consultant to an assigned Platform/Capability as part of our Centre of Excellence function providing technical security direction. Collaborate with programmes and projects to help deliver solutions that meet the business need, including any client contractual security requirements, and are compliant with the Enterprise Security Architecture principles – ensuring all applicable controls and patterns are implemented. Work alongside internal Design Authorities and Change Management functions to ensure all change initiatives are reviewed, supported, and aligned with Enterprise Security Architecture. Using threat modelling to provide risk or threat-based advice to programme stakeholders along with actionable recommendations where necessary. Manage the scoping of security testing requirements for new systems and products working closely with our Security Testing function. Provide support for risk assessment, security remediation, investigations, and vulnerability management as part of the wider Information Security team. Support the creation and review of design and guidance documentation where required. Support Enterprise Security Architecture by providing feedback from projects, including developing patterns and specifications in collaboration with Engineering teams. Work towards and achieve or extend professional certifications as part of personal development (e.g. security or Cloud Vendor certifications). Share experiences with others to assist their learning and understanding.

 

Prior experience

You must:

Have worked in at least one of:Infrastructure/Solution ArchitectTechnical Security Architect/ConsultantSecurity Operations Secure application development Hands on experience and knowledge in securing digital products/solutions in the Cloud (e.g. AWS, Azure, and Google). Good understanding of Cloud, Application and SaaS security concepts, best practices, and industry standards. Good experience of working in an Agile software development environment. Be able to demonstrate the ability to adapt communication style to explain technical concepts to different people within an organisation whether advising stakeholders, directing teams, or sharing experience. Experience of successfully working in a fast paced, customer service/regulated environments, delivering high quality information security services. Be calm in challenging situations, able to navigate through complex security problems to find the root cause and a balanced outcome.

 

It would be advantageous if you can demonstrate some, or all of:

Experience and knowledge of threat modelling, container/serverless platforms, modern application development processes, infrastructure/network security; security testing, and security tooling (e.g. SIEM, End Point Protection) Experience in securely configuring and managing any of SAP/Service Now/ Microsoft Dynamics/Sales Force. Any security certification (e.g. CISSP, CCSP, Microsoft).

 

 

National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

How to Get a Better Cyber Security Job After a Lay-Off or Redundancy

Redundancy is never easy—especially in a fast-moving field like cyber security, where your skills and experience are constantly evolving. But if you’ve recently been made redundant from a cyber security role, know this: the UK cyber workforce remains in high demand, and your expertise is more valuable than ever. Whether you’re a SOC analyst, penetration tester, incident responder, security architect or GRC specialist, there are still thousands of opportunities across sectors including finance, defence, government, retail, and critical infrastructure. This guide will help you turn redundancy into a career relaunch, with a clear action plan tailored to the UK cyber security job market.

Jobs

Cyber Security Jobs Salary Calculator 2025: Check Your Market Value in Seconds

Why yesterday’s pay survey no longer protects you. “Could I earn more at a managed SOC?” “Is that fintech’s offer really competitive?” Every UK cyber‑security professional asks some version of those questions—usually after another colleague lands a pay rise, a recruiter sends a tempting JD, or a fresh breach makes headline news. Yet salary guides published even last year feel as out‑of‑date as a forgotten antivirus signature. Since 2024, ransomware gangs switched to double‑extortion, deepfake phishing exploded, & the EU’s NIS2/DORA regulations bled into UK contracts despite Brexit. With each shift, salary bands move. To cut through stale averages, CybersecurityJobs.tech distilled a three‑factor formula that lets you estimate a realistic 2025 salary in under a minute. Feed in your role, your UK region, & your seniority level. The output arms you with data‑driven leverage for your next appraisal, job application, or freelance rate card. This article explains the formula, reveals the forces pushing cyber pay ever higher, & outlines five practical moves to boost your market value within ninety days.

Careers

How to Present Cyber Security Solutions to Non-Technical Audiences: A Public Speaking Guide for Job Seekers

Cyber security is no longer just an IT issue—it’s a board-level priority. Whether you’re applying for a role in penetration testing, security operations, risk management, or compliance, your ability to clearly explain cyber threats and solutions to non-technical stakeholders is vital. This guide will help cyber security job seekers develop one of the most in-demand soft skills in the industry: public speaking. You’ll learn how to simplify complex concepts, structure effective presentations, use storytelling and analogies, and handle common stakeholder questions with confidence.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.