MSS (Managed Security Services) Senior Analyst

  • Anywhere

KPMG

Job description
Role Summary: 
KPMG’s MSS (Managed Security Services) helps defend KPMG and its clients from cyber-attacks, through timely detection, investigation and remediation of potential threats.
The role holder is responsible for the continuous investigation of correlated security event feeds and the appropriate escalation in case of an identified security incident. They are the primary contact for any suspected security incident and work together with the member firm local Computer Security Incident Response Team (CSIRT) and remediation team on resolving incidents and remediating threats to KPMG.
The MSS Senior Analyst also takes part in the creation and steady improvement (fine-tuning, whitelisting, etc.) of correlation rules, security policies, processes and procedures and other related documentation. In addition, they will support and help develop India-based shift Analysts.

Working hours: Monday to Friday, with out-of-hours on-call responsibilities.

  • Improve and challenge existing processes and procedures in a very agile, global and fast-moving information security environment.
  • Mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks in support of technologies managed by MSS
  • Represent MSS in project work, sometimes acting as project lead
  • Senior Analysts should have expert knowledge of:
    • Cloud monitoring technologies, particularly Microsoft
    • EDR technologies, particularly Microsoft
    • Information security policies and goals
    • Log analysis and event traffic patterns
    • DLP, encryption, firewall technology
    • The current IT threat landscape and upcoming trends in security
  • Responsible for incident response activities
  • Work with Content Engineers in the development of suitable content logic and tuning of such content. 
  • Work with Threat Intelligence and Vulnerability Management to monitor for emerging threat patterns and vulnerabilities.
  • Assist with recommendations and workarounds.
  • Coordinate with other external stakeholders.
  • Communicate with management on incident updates.
  • Be able to complete the incident lifecycle without higher-level supervision

 
Key Accountabilities:

  • Act as Subject Matter Experts for analysis functions, providing support on more involved cases and guiding the activity of other analysts through collaboration
  • Investigate incidents using SIEM technology, packet captures, reports, data visualization, and pattern analysis.
  • Analyze, escalate, and assist in remediation of critical information security incidents.
  • Act as the lead coordinator for the MSS’s response to individual cyber security incidents
  • Maintain documentation on residual risk, along with assignment of leadership owners and recommended steps for remediation
  • Identify and document containment and remediation efforts which successfully reduce risk
  • Responsible for taking action on alerts, events, and incidents escalated from the shift Analysts.

 
Technical Skills & Qualifications

  • CISSP, CISA, CISM Certifications or equivalent
  • Advanced skills in analysis and response in a hybrid cloud/on-premises environment
  • Network infrastructure knowledge, advanced knowledge of TCP/IP and Internet protocols.
  • Advanced understanding of information security, border protection, incident handling & response, forensics, endpoint protection & encryption
  • Optional: one or more of the following certifications:
    • GSEC (GIAC Security Essentials Certification) 
    • GISP (GIAC Information Security Professional)
    • GMON (GIAC Continuous Monitoring Certification)
    • GCIH (GIAC Certified Incident Handler)
    • CCFP (Certified Cyber Forensics Professional)
    • CCNP (Cisco Certified Network Professional)
    • Security toolset certification (vendor-provided training, e.g. Microsoft)

To apply for this job please visit www.cybersecurityjobsite.com.
