Manager, Cyber Threat Hunting and Incident Response - Remote

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today’s most important industries. Our growth is driven by delivering real results for our clients. It’s also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it’s no wonder we’re consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you’re as passionate about your future as we are, join our team.

KPMG is currently seeking a Cyber Threat Hunting and Incident Response Analyst to join our Digital Nexus organization. This is a remote work opportunity.

Responsibilities:

• Perform all phases of incident response life cycle: preparation, analysis, containment, eradication, remediation, recovery and post-incident activity
• Complete threat hunting in both on-premise and cloud environments
• Define, document, test and manage incident response processes, document processes and procedures in the form of playbooks and reference guides
• Evaluate external threat intelligence sources related to zero-day attacks, exploit kits and malware to determine organizational risk and improve threat detection by incorporating into detection tools
• Conduct forensics: host-based disk and memory as well as network; analyze to determine root cause and impact
• Develop security monitoring by using cases and supporting content for security tools such as dashboards, alerts, reports, rules; including but not limited to the configuration and monitor security information and event management (SIEM) platform for security alerts

Qualifications:

• Minimum five years of recent security monitoring experience and incident response activities, preferably within a professional services firm or similar environment
• Bachelor's degree from an accredited college/university is preferred
• Solid understanding of network and system intrusion and detection methods; examples of related technologies include Splunk, Next Generation Endpoint Protection Platforms (EPP), Security information and event management (SIEM), hacking tools techniques and procedures
• Experience with IT process definition and/or improvement; experience with coding and analytics, malware analysis, endpoint lateral movement detection methodologies and host forensic tools
• Understanding of network protocol analysis, public key infrastructure, SSL, Microsoft Windows and Active Directory, Linux, open-source software, scripting, SQL, and software programming
• US Citizenship is required

KPMG complies with all local/state regulations in regards to displaying salary ranges. If required, the salary range(s) are displayed below and are specifically for those potential hires who will perform work in or reside in the location(s) listed, if selected for the role. Any offered salary is determined based on internal equity, internal salary ranges, market-based salary ranges, applicant's skills and prior relevant experience, certain degrees and certifications (e.g. JD, technology), for example.  

Los Angeles / Irvine / Seattle / Bellevue Salary Range: Low: $109100 - High: $206300    

Santa Clara / Walnut Creek / San Jose / San Francisco Salary Range: Low: $121000 - High: $228800   

Sacramento / San Diego Salary Range: Low: $104200 - High: $196900        

Albany Salary Range: Low: $99200 - High: $187500

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.

KPMG does not currently require partners or employees to be fully vaccinated or test negative for COVID-19 in order to go to KPMG offices, client sites or KPMG events, except when mandated by federal, state or local law.  In some circumstances, clients also may require proof of vaccination or testing (e.g., to go to the client site).