
GSOC Senior Analyst

Date: Nov 27, 2018

Location: London, United Kingdom

Company: KPMG UK

AutoReq ID: 137345BR
Job Title: GSOC Senior Analyst
Country: United Kingdom
Function: KPMG Business Services
Service Line: IHQ

KPMG Overview

KPMG is part of a global network of firms that offers Audit, Tax & Pensions, Consulting, Deal Advisory and Technology services. Through the talent of over 16,000 colleagues, we bring our creativity and insight to our clients’ most critical challenges.

With offices across the UK, we work with everyone from small start-ups and individuals to major multinationals, in virtually every industry imaginable. Our work is often complex, yet our vision is simple: to be the clear choice for our clients, for our people and for the communities we work in.

Job Description

The Team:
KPMG’s Global Security Operations Centre (GSOC) helps defend KPMG and its clients from cyber-attacks, through timely detection, investigation and remediation of potential threats.
The role holder is responsible for the continuous investigation of correlated security event feeds and the appropriate escalation in case of an identified security incident. They are the primary contact for any suspected security incident and work together with the member firm local Computer Security Incident Response Team (CSIRT) and remediation team on resolving incidents and remediating threats to KPMG.
The GSOC Senior Analyst also takes part in the creation and steady improvement (fine-tuning, whitelisting, etc.) of correlation rules, security policies, processes and procedures and other related documentation.

The role:
— Act as Subject Matter Experts for analysis functions, providing support on more involved cases and guiding the activity of other analysts through collaboration
— Investigate incidents using SIEM technology, packet captures, reports, data visualization, and pattern analysis.
— Analyse, escalate, and assist in remediation of critical information security incidents.
— Improve and challenge existing processes and procedures in a very agile, global and fast-moving information security environment.
— Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks in support of technologies managed by the GSOC
— Act as the lead coordinator for the GSOC’s response to individual cyber security incidents
— Identify and document containment and remediation efforts which successfully reduce risk
— Maintain documentation on residual risk, along with assignment of leadership owners and recommended steps for remediation
— In times when the Operations Manager or Lead Analysts are not present, act in a leadership role within the GSOC
— Participate in project work, sometimes acting as project lead

The Person:
— IT Security experience
— Bachelor's Degree in Computer Science, Computer Networking, or Computer Security or equivalent
— CISSP, CISA or CISM certification, or equivalent

Technical Skills

— Advanced understanding of information security, border protection, incident handling & response, forensics, endpoint protection & encryption
— Strong understanding of computer science: algorithms, data structures, databases, operating systems, networks, and tool development
— Able to evaluate current people, processes, technology, and business drivers to improve the GSOC.
— Network infrastructure knowledge, advanced knowledge of TCP/IP and Internet protocols.
— Experience with network forensics and packet and NetFlow analysis; in-depth knowledge of infrastructure and operating systems.
— Policy and Standard, Incident Management, Prioritization, Technologies, Security, Testing, Monitoring, IT Change, Infrastructure, Application
— Understanding and experience using various security related exploits and tools
— Strong ability to communicate: write clearly and speak authoritatively to different audiences
— Advanced knowledge of: firewalls, VPN, intrusion detection and prevention systems, anti-virus and content filtering, URL filtering, authentication solutions, switches, routers, VoIP, DMZ.
— Ability to troubleshoot common network devices, network, vulnerabilities and network.


— Master’s Degree preferred. Earned one or more of the following certifications:
— GSEC (GIAC Security Essentials Certification)
— GISP (GIAC Information Security Professional)
— GMON (GIAC Continuous Monitoring Certification)
— GCIH (GIAC Certified Incident Handler)
— CCFP (Certified Cyber Forensics Professional)
— CCNP (Cisco Certified Network Professional)
— Security toolset certification (vendor-provided training, e.g. Check Point, etc.).
— Operate firewalls, intrusion detection systems, and various enterprise security management, endpoint assessment and asset inventory technologies
— Experience of RSA SIEM tool set (Security Analytics, Security Operations, Archer)

Our Deal

If the chance to work with interesting clients and innovative technology wasn’t rewarding enough, we’ll motivate you in other ways too. At KPMG you can expect real responsibilities and opportunities to grow professionally.

‘Our Deal’ sets out all the different ways you’ll be rewarded at KPMG. Among other things you can benefit from honest conversations about your career as well as a range of other rewards. In all these ways and more, we have created an environment that can bring out the best in you.

Flexible Working

While some of our client-facing professionals can be required to travel regularly, and at times be based at client sites, we are supportive where possible of helping you to achieve a balance between your home and work demands.

We are happy to discuss individual requirements and our range of flexible working arrangements could be of interest. Furthermore, as part of the recruitment process, we can put you in touch with people who work flexibly so you can understand from them what our culture is like.

Applying with a Disability

KPMG are proud to be an inclusive, equal opportunity employer and we seek to attract and retain the best people from the widest possible talent pool. As a member of the Business Disability Forum we're committed to ensuring that you are treated fairly throughout our Recruitment Process. Should you be successful after the initial application stage, please discuss any reasonable adjustments that you may require with your recruitment contact.

KPMG's commitment to diversity

We are proud of the value we place on individuality; we want you to bring your full self to work and truly maximise your potential. We believe that your individuality helps us to deliver the best results for our clients. Diversity of background, diversity of experience, diversity of perspective - that's the KPMG difference. But, don't take our word for it, find out more about diversity at KPMG.

Returning to work after a break
At KPMG, we appreciate that returning to work after an extended career break can be daunting. We understand that those with experience who have taken a career break have a wealth of experience and knowledge to offer our organisation, which helps us to achieve our business goals. We will support you to refresh your skills, develop your confidence and provide a supportive network across the firm to help you best integrate into the working environment. This role welcomes applications for individuals who have been out of work for 18 months or more and who have previous relevant experience.

Policy for Agencies

KPMG has a commitment to sourcing candidates directly and as such we do not accept speculative CVs from agencies. Please check here to see our policy on agencies: Policy

Job Segment: Consulting, Telecom, Telecommunications, Cisco, Risk Management, Technology, Finance