Our Connected Technology Group (CTG) defines and drives the digital, data and technology strategy for KPMG. We have an important advocacy role for technology in the market and across KPMG, working with our technology leaders to build our market presence. We cultivate collaboration and integrate tech execution across our business, driving a firmwide approach to how we go to market, build the capability of our people and attract new talent.
Your Opportunity
We are seeking an experienced Cyber Security Architect to provide strategic and hands‑on architectural services across a complex enterprise environment.
This role bridges the gap between business needs, cyber risk, and technology solutions, supporting secure design and delivery of IT controls and systems aligned to recognised governance, risk and compliance (GRC) frameworks. You will work across business, information, application and technology domains to shape current and future‑state security architecture.
Forming part of the Cyber Security Operations team, this role will play a key part in:
- Shaping the Secure by Design capability as part of the broader architecture governance function
- Collaborating with domain architecture leads (e.g. enterprise, cloud, infrastructure, data, and application) to ensure security is embedded consistently through architecture governance processes
- Working closely with both local and international colleagues to uplift KPMG Australia and KPMG Global security standards
- Performing security architecture reviews, identifying security risks and gaps within solution designs, ensuring acquired and developed systems and architectures meet KPMG cybersecurity standards
- Embedding threat modelling into design and delivery practices
- Leading and mentoring Security Architects
- Adopting modern ways of working, including documentation through markdown and GitOps processes
- Documenting, maintaining, and publishing security patterns, baselines, and checklists to support consistent and scalable secure‑by‑design practices
- Developing and integrating cybersecurity designs for systems and networks in line with KPMG Australia, Global, and client requirements
How are you extraordinary?
- You demonstrate a growth mindset, actively seeking opportunities to learn, challenge established thinking, and step beyond your comfort zone to drive better outcomes.
- You are able to analyse, distil, and clearly communicate complex ideas in both written and verbal form, tailoring your message to a wide range of stakeholders.
- You take pride and accountability in your work, showing ownership of high‑profile initiatives and a strong commitment to quality, integrity, and delivery.
Your Experience
At KPMG, we believe diversity of thought, background and experience strengthens relationships and delivers meaningful benefits to our people, our clients, and communities. To be considered for this opportunity, your qualifications, skills & experience could include:
- Strong working knowledge of recognised cybersecurity frameworks and standards, such as NIST, ISO 27001 and the Australian Government ISM, and the demonstrated ability to translate them into practical security controls and architectural guidance
- Practical experience embedding threat modelling into solution design and delivery
- Broad experience across multiple security domains, including identity and access management, network security, data protection, and application security
- Experience designing security architectures for modern cloud environments, including the use of contemporary tools, platforms, and security‑by‑design practices
- Understanding of relevant Australian regulatory and legislative requirements, such as APRA CPS 234, SOCI, ISM, and related obligations