Share this Job

Lead Incident Reponse Analyst

Date: Sep 15, 2021

Location: London, United Kingdom

Company: KPMG UK

Lead Incident Response Analyst (Grade D)

The Team
KPMG is building a new UK Information Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organisation and establish sustainable security capabilities that are integrated with the business. This role is the Incident Response & Investigations Manager within the KPMG UK Security Operations Centre (SOC).

You will have a key role in the firm’s management of security incidents, ensuring that KPMG UK investigates and responds promptly and effectively to information security incidents including ensuring that KPMG UK meets is regulatory and client obligations. You will ensure that the firm learn from incidents and contribute to continuous improvement of information security controls.

The Role
• Undertake initial assessment of reported security incidents, gather and analyse evidence from all relevant sources, draw investigative conclusions and determine appropriate response to incidents.
• Carry out detailed root cause and lessons learned analysis, producing investigative reports and disseminate findings to internal stakeholders.
• Act as a referral point for other team members, providing investigative advice and guidance or further escalation as required.
• Support the development of technical and investigative skill set of team members.
• Undertake other administrative and investigative tasks as required.

The Person
• Hands on experience in Information Security Incident Response and Investigation.
• Ability to work independently in the management and investigation of complex Information Security Incidents
• Experience of gathering evidence from a variety of sources, both from systems and individuals
• Experience working in high pressured environments.
• Extensive experience of investigative techniques and evidence gathering.
• Experience with technologies, tools and process controls to minimise risk of Information Security Incidents.
• Experience in internal stakeholder liaison such as Client Engagement Teams, HR, Office of General Counsel and Technology Teams.

Job Segment: Law, Cyber Security, Information Security, Legal, Security, Technology