GSOC (Global Security Operations Center) Senior Analyst

About KPMG International 

Together with more than 273,000 colleagues in 143 countries throughout our member firms, people at KPMG imagine big ideas and bring solutions to life for clients both big and small. A role with KPMG International will open a world of opportunity in your career.

KPMG International helps set the strategy and protects the reputation of this global organization of independent professional services firms providing Audit, Tax and Advisory services. We deliver value to our member firms and drive positive change in the communities we serve. By joining us you will gain a unique understanding of how a global organization operates and work on projects that impact the whole organization. From setting standards and best practices to developing innovative techenabled solutions for clients, you'll be part of a global team changing the way our business operates. We look forward to welcoming you to our team.

About this GMT Area

Global Technology & Knowledge 

The core services provided by Global Technology & Knowledge are more crucial than ever to our future, as we enable KPMG's digital transformation, provide trusted technology services, ensure security across the network and accelerate our Collective Strategy. 
 
Our ways of working are based on the principles of customer-centricity, communities of expertise, an optimized delivery model, flexibility, a culture of empowerment, and fulfilling careers. 
 
We are organised under five new `domains': Technology Portfolio Delivery, Global Enterprise Technology, Technology Strategy & Blueprint, Global Information Security Group and Business Operations. 
This is an exciting time for us as we continue to drive technology excellence at the heart of the firm's strategy, and our GT&K colleagues all play a pivotal role in making this a success.  

About this team

ITS Global (Information Technology Services Global) is one of four pillars within KPMG’s Global Technology & Knowledge group. As such, ITS Global provides innovative components that KPMG’s business functions and member firms use to deliver client-facing solutions. ITS Global also provides the information protection and technology infrastructure that secures KPMG’s technology environment and connects its network of member firms. ITS Global works with the other GT&K pillars to provide KPMG technology solutions that leverage world-leading partnerships, disruptive digital capabilities and access to the firm’s collective intelligence.

Role Summary 

KPMG's Global Security Operations Center (GSOC) helps defend KPMG and its clients from cyber-attacks, through timely detection, investigation and remediation of potential threats. 

Responsible for the continuous investigation of correlated security event feeds and the appropriate escalation in case of an identified security incident.
Assess and assist in the creation and improvement (fine-tuning, whitelisting, etc.) of correlation rules, processes and procedures and other related documentation.
Work with Threat Intelligence and Vulnerability Management to monitor for emerging threat patterns and vulnerabilities. 
Support, asdvise, assist and mentor L1 and L2 shift Analysts.
Take a lead Security Analyst role during securit incidents. 
Able to complete the incident lifecycle without higher level supervision.
Effectively Communicates with management on incident updates.
Working hours Monday to Friday with out of hours on call responsibilities
Represent GSOC in GSOC related projects.

Senior Analysts should have expert knowledge of:
   - Cloud monitoring technologies particularly Microsoft 
   - EDR technologies, particularly Microsoft
   - Information security policies and goals
   - Log analysis and event traffic patterns
   - DLP, encryption, firewall technology
   - The current IT threat landscape and upcoming trends in security

Key accountabilities 

• Act as Subject Matter Experts for analysis functions, providing support on more involved cases and guiding the activity of other analysts through collaboration
• Investigate incidents using SIEM technology, packet captures, reports, data visualization, and pattern analysis.
• Analyze, escalate, and assist in remediation of critical information security incidents.
• Act as the lead coordinator for the GSOC’s response to individual cyber security incidents
• Maintain documentation on residual risk, along with assignment of leadership owners and recommended steps for remediation
• Identify and document containment and remediation efforts which successfully reduce risk Responsible for taking action on alerts, events, and incidents escalated from the shift Analysts.

This job is for you if you have

• Bachelor's Degree in Computer Science, Computer Networking, or Computer Security or equivalent experience; Master’s Degree preferred.
• Significant expereince of security experience preferable. 
• Strong understanding of computer science: algorithms, data structures, databases, operating systems, networks, and tool development
• Able to evaluate current people, processes, technology, and business drivers to help improve GSOC.
• Strong ability to communicate write clearly and speak authoritatively to different audiences
• Policy and Standard, Incident Management., Prioritization, Technologies, Security, Testing, Monitoring, IT Change, Infrastructure, Application
• CISSP, CISA, CISM Certifications or equivalent
• Advanced skills in analysis and response in a hybrid cloud/on premise environment
• Network infrastructure knowledge, advanced knowledge of TCP/IP and Internet protocols.
• Advanced understanding of information security, border protection, incident handling & response, forensics, endpoint protection & encryption
• Optional, earned one or more of the following certifications:
o GSEC (GIAC Security Essentials Certification) 
o GISP (GIAC Information Security Professional)
o GMON (GIAC Continuous Monitoring Certification)
o GCIH (GIAC Certified Incident Handler)
o CCFP (Certified Cyber Forensics Professional)
o CCNP (Cisco Certified Network Professional)
o Security toolset certification (vendor provided training, i.e. Microsoft, etc.).

• Experience working in a Microsoft Cloud environment using Microsoft security tooling 
• Experience with network forensics, packet and Netflow analysis, In-depth knowledge of infrastructure and operating systems.
• Advanced knowledge in; Firewalls, VPN, Intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, VoIP, DMZ.
• Understanding and experience using various security related exploits and tools
• Ability to troubleshoot common network devices, network, vulnerabilities and network.

Agile/Flexible Working

At KPMG International, we are supportive of helping you to achieve a balance between your home and work demands. We are happy to discuss individual requirements and our range of flexible working arrangements could be of interest. Please ask to find out more.

KPMG International's commitment to inclusion & diversity

At KPMG International, we recognise that we need inclusion and diversity to be successful. We want to attract, retain and develop diverse talent at all levels. This means recruiting from the widest pool of talent across our network and beyond, removing barriers that can prevent our people from reaching their full potential, and fostering a fully inclusive environment which empowers everyone to bring their whole selves to work.

Applying with a disability

KPMG International is proud to be an inclusive place to work and we are committed to ensuring that you are treated fairly throughout our recruitment process. Should you be successful after the initial application stage, please discuss any reasonable adjustments that you may require with your recruitment contact.