Security Architect

About the role

KPMG’s Connected Technology Group is seeking an experienced Cyber Security Architect to provide strategic and hands‑on architectural services across a complex enterprise environment. The role bridges business needs, cyber risk, and technology solutions to ensure secure design and delivery of IT controls and systems.

Key responsibilities

• Shape the Secure‑by‑Design capability within the broader architecture governance function.
• Collaborate with domain architecture leads (enterprise, cloud, infrastructure, data, application) to embed security consistently.
• Work with local and international colleagues to uplift KPMG Australia and Global security standards.
• Perform security architecture reviews, identify risks and gaps, and ensure solutions meet KPMG cybersecurity standards.
• Embed threat modelling into design and delivery practices.
• Lead and mentor other Security Architects.
• Adopt modern ways of working, including documentation with markdown and GitOps processes.
• Document, maintain, and publish security patterns, baselines, and checklists for scalable secure‑by‑design practices.
• Develop and integrate cybersecurity designs for systems and networks in line with KPMG and client requirements.

Required profile

• Demonstrated growth mindset with a proactive approach to learning and challenging established thinking.
• Proven experience in cyber security architecture within large, complex enterprises.
• Ability to collaborate across global teams and influence early design decisions.

Required skills

• Security architecture
• Threat modelling
• Knowledge of governance, risk and compliance (GRC) frameworks
• Experience with enterprise, cloud, infrastructure, data, and application architecture domains
• Proficiency in documentation tools such as markdown and GitOps workflows