Senior Associate, IT Security Monitoring & Response - Remote

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today’s most important industries. Our growth is driven by delivering real results for our clients. It’s also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it’s no wonder we’re consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you’re as passionate about your future as we are, join our team.

KPMG is currently seeking a Sr. Associate, IT Security Monitoring & Response to join our Digital Nexus technology organization. This is a remote work opportunity.

Responsibilities:

• Monitor for threats and vulnerabilities through a combination of automated and manual processes and respond accordingly; as a continuous feedback loop, incorporate learnings into additional preventive and detective controls; research and develop risk mitigating approaches and drive response and remediation
• Implement automation and orchestration to improve efficiency and effectiveness of security monitoring and response processes; document processes and procedures in the form of playbooks and reference guides; stay abreast of the latest information security controls, practices, techniques, and capabilities in the marketplace, as well as evolving threats
• Participate in internal skills development activities for information security personnel on the topic of security monitoring and incident response; providing mentoring to junior team members; produce operating metrics and key performance indicators
• Perform some or all phases of incident response life cycle: analysis, containment, eradication, remediation, recovery; document, test and manage incident response processes; work with Managed Security Services Provider (MSSP) services and maintain vendor relationships; support personnel investigations
• Monitor for external threats, assessing risk to the firm’s environment and support risk mitigation and response activities; incorporate external threat intelligence sources related to zero-day attacks, exploit kits and malware into detection tools Conduct forensics (such as host-based disk and memory, as well as network) and analysis
• Define security monitoring use cases and develop and tune supporting content for security tools (for example, dashboards, alerts, reports, rules), including but not limited to the configuration and monitor security information and event management (SIEM) platform and endpoint detection tools for security alerts; perform data analysis in support of security event management processes, including root cause analysis

Qualifications:

• Minimum three years of recent and relevant experience in security monitoring, security operations, and incident response activities, preferably within a professional services firm or similar environment
• Bachelor's degree from an accredited college/university or equivalent work experience; CISSP preferred
• Experience defining security monitoring rules, monitoring events, assessing risk, responding to incidents and providing security oversight related to the security features of IT tools supported by the IT operations teams
• Knowledge of incident response; prior experience with IT process definition and / or improvement; ability to integrate security tools with IT infrastructure such as proxies, mail servers, Active Directory, workstations, and mobile devices
• Ability to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors; strong troubleshooting and organizational skills and ability to work on multiple activities simultaneously
• Hands-on network and systems administration skills with Linux and Windows, including Active Directory competence; solid understanding of network and system intrusion and detection methods and mitigation techniques; experience with technologies such as Splunk, Next Generation Endpoint Protection Platforms (EPP), Security information and event management (SIEM), hacking tools techniques and procedures; proven experience with malware analysis or endpoint lateral movement detection methodologies or host forensic tools
• US Citizenship Required

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.

KPMG does not currently require partners or employees to be fully vaccinated or test negative for COVID-19 in order to go to KPMG offices, client sites or KPMG events, except when mandated by federal, state or local law.  In some circumstances, clients also may require proof of vaccination or testing (e.g., to go to the client site).