GSOC (Global Security Operations Center) Incident Response Manager
London
Applications have closed
About KPMG International
Through helping other organizations mitigate risks and grasp opportunities, we can drive positive, sustainable change for clients, our people and society at large. KPMG firms operate in 143 countries and territories, and in FY22, collectively employed more than 265,000 partners and people, serving the needs of business, governments, public-sector agencies, not-for-profits and through KPMG firms' audit and assurance practices, the capital markets. KPMG is committed to quality and service excellence in all that we do, bringing our best to clients and earning the public's trust through our actions and behaviors both professionally and personally.
We lead with a commitment to quality and integrity across the KPMG global organization, bringing a passion for client success and a purpose to serve and improve the communities in which KPMG firms operate. In a world where rapid change and unprecedented disruption are the new normal, we inspire confidence and empower change in all we do."
About the team
GISG (Global Information Security Group) is one of five domains within KPMG’s Global Technology & Knowledge group. GISG provides the information protection and technology infrastructure that secures KPMG’s technology environment and connects its network of member firms. GISG works with the other GT&K domains to ensure that appropriate security controls are in place for KPMG technology solutions.
Role summary
• Provide Bridge between GISG Operational teams and ITS Global Major Incident Management Process
• Coordinate Security Incident management activities across Regions
• Provide Member Firms with Incident Response advice and support through the regional model
• Provide guidance to GSOC Operational Teams on advice given to MF when escalating incidents
• Provide Regionally aligned situational awareness to MF's and GSOC Operational Teams
• Define, set up, and maintain repeatable Teams War Room structure
• Define, set up, and maintain communication structure and templates for the three below high level incident types. Assist in coordination with GCISO to link into board level and regulatory comms requirements
• Give Service Management the Security context of any Security Incident promoted to Major Incidents
• Assist in the delivery of Cyber War games and purple teaming activities
• Initiate US Advisory IR assistance requests
• Coordinate US Advisory IR activities when necessary
Key accountabilities
- Provide Security Incident Management Framework and coverage between GISG and the ITS Global Service Management Major incident management process
- Define and maintain a collaborative workspace structure for Security incident management activities, to enable near real time exchange of incident related information.
- Oversee the establishment, and provide ongoing management, of a Regional Security incident management model. The model should be based on Security Incident management/Incident response staff in each region
- Provide Incident response advice to all customers based on existing and expected Threat scenarios
- Provide feedback to GSOC, ISS and GISG management on prevalent threats encountered by the regional Teams
- Act as a coordination point for Cyber War Games and Purple team activities
- Act as a coordination point for Incident Response engagements with US Advisory
Experience & knowledge
• Experience of security incident response in a large, distributed organisation
• Experience working in, or alongside, Security Operations Centres in a large, distributed organisation
• Experience working across multi-disciplinary teams in relation to security incident management activities
• Demonstrate experience dealing with complex security related incidents
• Experience working in a hybrid legacy and cloud environment
Technical skills, abilities & qualifications
• Bachelor’s degree in a related field (e.g. Computer Sciences, Computer Engineering, Information Technology and Security) or equivalent work experience
• Significant experience in ITIL based Incident management activities
• ITIL certification or equivalent experience
• GCIH certification or equivalent certification or experience
• Strong communication, reporting and documentation skills, proven ability to discuss with both business and technology management.
Intelligent Working
At KPMG International, we are supportive of helping you to achieve a balance between your home and work demands. We are happy to discuss individual requirements and our range of flexible working arrangements could be of interest. Please ask to find out more.
KPMG International's commitment to inclusion & diversity
At KPMG International, we recognise that we need inclusion and diversity to be successful. We want to attract, retain and develop diverse talent at all levels. This means recruiting from the widest pool of talent across our network and beyond, removing barriers that can prevent our people from reaching their full potential, and fostering a fully inclusive environment which empowers everyone to bring their whole selves to work.
Applying with a disability
KPMG International is proud to be an inclusive place to work and we are committed to ensuring that you are treated fairly throughout our recruitment process. Should you be successful after the initial application stage, please discuss any reasonable adjustments that you may require with your recruitment contact.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Cloud GCIH Incident response ITIL SOC
Perks/benefits: Flex hours
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Information System Security Officer jobs
- Open Security Consultant jobs
- Open Information Systems Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Security Architect jobs
- Open CISA-related jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open Kubernetes-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open SQL-related jobs
- Open PowerShell-related jobs