Base Location: Hybrid/UK based (core office in London) plus network of 20 offices nationally.
The KPMG EWT function is a cornerstone of our business. We do work that matters to our local communities—supporting technical innovation and adopting cutting-edge solutions across the UK. Working on complex engagements in enterprise technology, this team is responsible for delivering advanced technical solutions and ensuring accuracy on the first attempt.
KPMG is one of the world's largest and most respected consultancy firms. We have supported the UK through times of war, peace, prosperity, recession, and political upheaval. We proudly stand alongside the institutions and businesses that shape the UK.
Why join KPMG EWT as a Senior Threat Detection Analyst?
The team is a vital part of Security Operations at KPMG. It ensures that the business's IT systems are protected and monitored against cyber threats. The team collaborates with external MSSPs to monitor, analyse and report cyber threats and to respond to them effectively. It also works with internal business units to embed security monitoring services into their solutions, aligning with the evolving cyber threat landscape and business risks.
The role involves protecting and monitoring IT systems from threats, active monitoring of security sensors, incident response, and collaboration with various teams to embed security practices.
You will participate in an on-call rota for SOC, typically one week per month.
Responsibilities include:
1. Acting as an escalation point for security analysts and MSSPs.
2. Coordinating SOC responses and improving triage processes.
3. Deputizing for the Threat Detection Manager when needed.
4. Proactively monitoring security sensors for threats and managing incidents.
5. Using security analytics tools to identify emerging threats.
6. Collaborating with internal teams to ensure comprehensive monitoring.
7. Engaging with GSOC & MSSP for incident response and intelligence sharing.
8. Managing incidents, documenting work, and contributing to continuous improvement.
9. Operationalizing threat intelligence and maintaining documentation.
10. Participating in projects to enhance security posture.
11. Identifying trends, emerging technologies, and potential threats.
12. Prioritizing alerts and triaging security events.
13. Documenting incidents accurately and escalating as necessary.
14. Identifying gaps in security visibility and logic, and escalating findings.
15. Hunting for threat indicators using log data and endpoint/network artifacts.
Requirements:
* Prior experience in Cyber Security.
* Experience working in a SOC or security monitoring team.
* Knowledge of SIEM and EDR tools such as Microsoft Sentinel and Microsoft Defender.
* Experience with incident management, threat mitigation, and security technologies.
* Familiarity with IDS, IPS, firewalls, logs, and SIEM systems.
* Experience with cloud environments (AWS, Azure, GCP).
* Knowledge of frameworks like MITRE ATT&CK.
* Understanding of security standards like ISO 27001, GDPR, etc.
* Strong analytical skills and ability to work under pressure.
Desired Skills:
* SC clearance or ability to obtain it.
* Bachelor’s in Computer Science or related field.
* Relevant industry certifications (CISSP, GIAC, SC-200, AZ-500, etc.).
Locations:
With 20 sites across the UK, options include office work, remote work, flexible hours, and part-time arrangements. Discuss your needs with our team.
Learn more:
Explore our divisions and programs:
* Consulting at KPMG
* IT's Her Future: Women in Tech
* KPMG Workability and Disability Confidence