Security Operations Analyst
- Employer: KPMG
- Location: London, United Kingdom
- Salary: Competitive
- Closing date: 16 Oct 2019
- Recruiter Type: Direct Employer
- Sector: Consultancy
- Job Role: Risk Analyst
- Job Type: Permanent
The Role
KPMG's Global Security Operations Centre (GSOC) helps defend KPMG and its clients from cyber-attacks, through timely detection, investigation and remediation of potential threats.
The role holder is part of the team responsible for supporting the global incident response and investigations, governance framework, policies, procedures and standards with particular emphasis on investigative governance, forensics and incident response.
They are responsible for assisting the Information System Security Officer (ISSO) with the daily management of information security queries and requests.
They are the primary contact for any potential security incidents escalated by the Global Security Operations Centre (GSOC) and will work together with the ITS Global operations teams and application owners to resolve and remediate threats to KPMG.
The Team
- Manage the IT Security incident and service request queue (ServiceNow and mailbox), triaging the requests
- Ensure that requested changes in the ITS Global change management system that require ISSO involvement are handled effectively, including attending the Change Advisory Board (CAB)
- Provide regular status reports to the ISSO and keep track of the number and nature of the queries being handled
- Coordinate vulnerability management activities with internal and external stakeholders for Cloud-based systems.
- Liaise with other teams on following up on pending actions, gathering IT security statistics, escalating incidents and reports, and seeking request authorisations.
- Network with and work closely with colleagues across the ITS Global team to ensure that there is efficiency in the processes and knowledge is shared.
- Identify and suggest points of improvement to increase efficiency within the Platform Security Group.
- Interact with the Global Security Operations Centre (GSOC), including incident response and intelligence sharing.
- Assist in the creation and ongoing development of technical documentation for Cloud security.
- Improve and challenge existing processes and procedures in a very agile, global and fast-moving information security environment.
- Act as the incident coordinator for the response to individual Cloud security incidents
- Identify and document containment and remediation efforts which successfully reduce risk
- Maintain documentation on residual risk, along with assignment of leadership owners and recommended steps for remediation
The Person
- Possesses experience with Microsoft Azure Security suite including configuration and management of:
  - Operations Management Suite (OMS)
  - Microsoft / Office Cloud App Security (OCAS / MCAS)
  - Azure Security Centre (ASC)
  - Advanced Threat Analytics (ATA)
  - Windows Defender Advanced Threat Protection (ATP)
  - Azure Active Directory Identity Protection (AADIP)
- Experience of participating in change advisory boards (CAB)
- Experience of working in an agile operating environment
- Service Management experience based on ITIL framework (ServiceNow)
- Advanced understanding of information security, border protection, incident handling & response, forensics, endpoint protection & encryption
- Able to evaluate current people, processes, technology, and business drivers to improve the service.
- Network infrastructure knowledge, advanced knowledge of TCP/IP and Internet protocols.
- Policy and Standard, Incident Management, Prioritization, Technologies, Security, Testing, Monitoring, IT Change, Infrastructure, Application
- Understanding and experience using various security related exploits and tools
- Strong ability to communicate: write clearly and speak authoritatively to different audiences
- CISSP, CISA, CISM or equivalent certifications
Job Segment: Operations Manager, Change Management, Information Security, Security, Operations, Management, Technology