EWT Security | Analyst - Incident Response Analyst

Working as part of the KPMG Security Operations Centre team within Information Security, you will play a key role in ensuring that the business IT systems are protected from threats. KPMG (UK) Incident Response & Investigations Team are undergoing transformation to maximise their effectiveness and success in the management of both technical and non- technical Security Incidents affecting the Firm. 

KPMG offer an inclusive and flexible working environment. We are looking for an Incident Response Analyst to support the Incident Response & Investigations Team, by carrying out initial review of reports, information gathering, undertaking necessary administrative actions and otherwise supporting the team as required.

• You will have a key role in leading the firm’s management of security incidents. 
• You will assess, triage and follow through for the day to day monitoring, response and investigative analysis of KPMG security incidents. 
• You will undertake assessment of reported security incidents
• You will lead investigations into incidents and undertake interviews where necessary
• Manage security incidents and escalations
• You will also use information gathered from KPMG security incidents to create intelligence reports and management information.
• You will proactively highlight issues and escalations where required
• Work closely with other KPMG teams to ensure that all technologies are activity monitored including troubleshooting where necessary.
• Interact with the Global Security Operations Centre (GSOC), for Incident response and intelligence sharing, escalating to management where required
• You will manage the team’s mailbox for requests from functions across the firm regarding security incident investigations.
• You will support other security activities related to incidents and undertake other administrative and investigative tasks as required.

• Excellent analytical / problem solving skills.
• Good relationship management skills
• Experience in the full lifecycle of incident management
• Background in security incident management or investigations would be desirable. 
• Experience in investigations and ability to lead interviews desirable.
• Strong communication and information gathering skills.
• To be able to make clear decisions and recommendations based on data analysis and intelligence.
• Proven experience and proficiency with MS Word, Excel, and PowerPoint.
• Demonstrate initiative and commitment for results and the ability to set priorities and manage multiple projects.
• The ability to work unsupervised and effectively under pressure.
• A good team player.
• Good inter-personal skills and ability to communicate effectively with stakeholders at all levels.
• Demonstrate an interest in and understanding of information security and security incident response.

Tools

• Azure Sentinel
• Splunk