Security Posture Manager

Posted 1 day 8 hours ago by Career Choices Dewis Gyrfa Ltd

£60,000 - £80,000 Annual
Permanent
Full Time
I.T. & Communications Jobs
Lancashire, Manchester, United Kingdom, M21 0
Job Description
About KPMG International

Together with more than 276,000 colleagues in 138 countries throughout our member firms, people at KPMG imagine big ideas and bring solutions to life for clients both big and small.

A role with KPMG International will open a world of opportunity in your career.

KPMG International helps set the strategy and protects the reputation of this global organization of independent professional services firms providing Audit, Tax and Advisory services.

We deliver value to our member firms and drive positive change in the communities we serve.

By joining us you will gain a unique understanding of how a global organization operates and work on projects that impact the whole organization.

From setting standards and best practices to developing innovative tech-enabled solutions for clients, you'll be part of a global team changing the way our business operates.

We look forward to welcoming you to our team.

About this Global Group - Global Technology & Knowledge

The core services provided by Global Technology & Knowledge are more crucial than ever to our future, as we enable KPMG's digital transformation, provide trusted technology services, ensure security across the network and accelerate our Collective Strategy.

Our ways of working are based on the principles of customer centricity, communities of expertise, an optimised delivery model, flexibility, a culture of empowerment, and fulfilling careers.

We are organised under five 'domains': Technology Portfolio Delivery, Global Enterprise Technology, Technology Strategy & Blueprint, Global Information Security Group and Business Operations.

This is an exciting time for us as we continue to drive technology excellence at the heart of Collective Strategy v3.0, and our GT&K colleagues all play a pivotal role in making this a success.

About this Team

As part of the Global Information Security Group (GISG), the Information Security Services (ISS) team, which includes the Global Security Operations Center (GSOC), helps defend KPMG and its clients from cyber attacks through timely detection, investigation and remediation of potential threats.

Role Summary

The Security Posture Management Manager will drive modernisation and continuous improvement within the services aligned with Security Posture Management: Identity Security Posture Management, Data Security Posture Management, AI Agent Security Posture Management, SaaS Security Posture Management, Cloud Security Posture Management and Vulnerability Posture Management.

This role focuses on analysing the data provided, designing processes to support the identification of security postures across the disciplines supported by the service, communicating the postures along with any necessary escalations, and supporting the management of those escalations.

The individual will focus on strategies to reduce the postures to an acceptable level, monitoring the posture level and identifying any potential themes on why postures have altered.

The individual will demonstrate measurable value to executive leadership by aligning initiatives with strategic business objectives.

Key Accountabilities
  • Data Analysis - Monitor security posture across the disciplines above and automate to be more effective whilst reducing any relevant potential attack surfaces identified.
  • Assess applicability of AI/ML, predictive analytics, and orchestration platforms for reducing security posture and insecure configuration prioritisation and remediation.
  • Mapping potential attack surfaces to identify actual attack surfaces.
  • Process Innovation - Identify gaps in current workflows and propose enhancements.
  • Assist with the development of proof of concept (PoC) projects for new tools and processes, ensuring compatibility with enterprise architecture.
  • Integration & Implementation - Support the design of new technologies with existing monitoring, ticketing, and reporting systems (e.g., MDC, Qualys, ServiceNow).
  • Collaborate across all ISS services to leverage all available data and operationalise automation use cases to reduce security posture with automated remediation actions where appropriate.
  • Stakeholder Engagement - Communicate technical concepts and business value to executive leadership and non-technical stakeholders.
  • Prepare ROI analyses and business cases for proposed innovations.
Experience / Knowledge / Qualifications
  • Experience in cloud-centric cybersecurity coupled with a focus on vulnerability management or threat management.
  • Bachelor's degree in a related field (e.g. Computer Sciences, Computer Engineering, Information Technology and Security) or equivalent work experience.
  • Proven track record of leading innovation or transformation projects in security operations.
  • Experience presenting technical solutions and ROI to technical and executive audiences.
  • Strategic thinker with strong problem-solving and conceptual skills.
  • Ability to work independently and influence cross-functional teams.
Core Skills
  • Strong understanding of vulnerability management lifecycle (identification, prioritisation, remediation).
  • Understanding of identity lifecycle management.
  • Understanding of data lifecycle management.
  • Understanding of various security posture management tooling.
  • CSPM, SSPM, Qualys - Familiarity with CVSS scoring, EPSS predictive models, and MITRE ATT&CK framework.
  • Knowledge of cloud security (Azure, GCP, AWS) and container security (Kubernetes, Docker).
  • Programming & Automation - Experience with CI/CD pipelines and integration of security tools.
  • Experience with API integration, Agentic AI, Data Analytics.
  • Ability to leverage data visualisation and analytics tools for reporting trends and risk metrics (PowerBI, Azure Workbooks).
Agile / Flexible Working

At KPMG International, we are supportive of helping you to achieve a balance between your home and work demands.

We are happy to discuss individual requirements and our range of flexible working arrangements could be of interest.

Please ask to find out more.

Inclusion & Diversity

KPMG International's commitment to inclusion & diversity: We recognise that we need inclusion and diversity to be successful.

We want to attract, retain and develop diverse talent at all levels.

This means recruiting from the widest pool of talent across our network and beyond, removing barriers that can prevent our people from reaching their full potential, and fostering a fully inclusive environment which empowers everyone to bring their whole selves to work.

Applying with a disability - KPMG International is proud to be an inclusive place to work and we are committed to ensuring that you are treated fairly throughout our recruitment process.

Should you be successful after the initial application stage, please discuss any reasonable adjustments that you may require with your recruitment contact.

Proud member of the Disability Confident employer scheme.

Legal Notice

Jobs are provided by the Find a Job Service from the Department for Work and Pensions (DWP).