KPMG’s Global Security Operations Centre (GSOC) helps defend KPMG and its clients from cyber-attacks, through timely detection, investigation and remediation of potential threats. The role holder is responsible for the development of the global incident response and investigations governance framework, policies, procedures and standards with particular emphasis on investigative governance, forensics and incident response.
Core responsibilities include managing the technical response to security incidents; managing security and other business area investigations; development and implementation of the global CSIRT capability. You are the primary contact for any potential security incidents escalated by the Global Security Operations Centre (GSOC) and will work together with the ITS Global operations teams and application owners to resolve and remediate threats to KPMG.
Tasks and responsibilities:
- Set and implement a strategic direction for a technical group
- Providing support in operational security environment such as incident response, intelligence, or a security operations center
- Manage the IT Security incident and service request queue (ServiceNow and mailbox), triaging the requests
- Ensure that requested changes in the ITS Global change management system that require ISSO involvement are handled effectively, including attending the Change Advisory Board (CAB)
- Provide regular status reports and keep track of the number and nature of the queries being handled to the ISSO
- Coordinate vulnerability management activities with internal and external stakeholders for Cloud based systems.
- Liaise with other teams on following up on pending actions, gathering IT security statistics, escalating incidents and reports, and seeking request authorisations.
- Network with and work closely with colleagues across the ITS Global team to ensure that there is efficiency in the processes and knowledge is shared.
- Identify and suggest points of improvement to increase efficiency within the Platform Security Group.
- Interact with the Global Security Operation Centre (GSOC), including Incident response and intelligence sharing.
- Assist in the creation and ongoing development of technical documentation for Cloud security.
- Improve and challenge existing processes and procedures in a very agile global and fast moving information security environment.
- Act as the incident coordinator for the response to individual Cloud security incidents
- Identify and document containment and remediation efforts which successfully reduce risk
- Maintain documentation on residual risk, along with assignment of leadership owners and recommended steps for remediation
Description of level of Qualifications
- 5 plus years of security experience preferable and 5 plus years of IT experience preferable
- Bachelor's Degree in Computer Science, Computer Networking, or Computer Security or equivalent; Master’s preferred
- CISSP or CISA or CISM or Certifications or equivalent
- Possesses experience with Microsoft Azure Security suite including configuration and management of:
- Operations Management Suite (OMS)
- Microsoft / Office Cloud App Security (OCAS / MCAS)
- Azure Security Centre (ASC)
- Advanced Threat Analytics (ATA)
- Windows Defender Advanced Threat Protection (ATP)
- Azure Active Directory Identity Protect (AADIP)
- Experience of participant in change advisory boards (CAB)
- Experience of working in an agile operating environment
- Service Management experience based on ITIL framework (ServiceNow)
- Advanced understanding of information security, border protection, incident handling & response, forensics, endpoint protection & encryption
- Able to evaluate current people, processes, technology, and business drivers to improve the service
- Network infrastructure knowledge, advanced knowledge of TCP/IP and Internet protocols.
- Policy and Standard, Incident Management., Prioritization, Technologies, Security, Testing, Monitoring, IT Change, Infrastructure, Application
- Understanding and experience using various security related exploits and tools
- Strong ability to communicate: write clearly and speak authoritatively to different audiences
We believe that progress can only truly be progress if its cause benefits both the individual and society as a whole. Therefore, we combine the newest technologies with what we have accomplished in the century we are existing: a foundation of knowledge, expertise and independent thinking.
Open, creative and venturous
We offer a stimulating mix of entrepreneurship, creativity and team spirit. You can be yourself, you feel validated and appreciated and you know that you can make a difference if you want to.
The ultimate environment for personal growth
Here at KPMG, you will be given plenty responsibilities from the start, combined with the freedom to develop yourself, both personally and in business. We are not only offering you a job: we are offering you a career.
Additionally we are offering you:
- A competitive salary
- 30 holidays
- Freedom of choice in (most of) your work
- A laptop and iPhone which can also be used privately
- A non-contributory pension plan
- A lease car
- Discounts on insurances and tax benefits for a gym membership
- Lots of activities involving fellow KPMG colleagues, such as Friday afternoon drinks.
Meer informatie en solliciteren
Please apply, click the 'more information'-button on top of this page. For questions, please contact the dedicated Recruitment Advisor, Maud van Turnhout at firstname.lastname@example.org.