This job has expired

Incident Response & Investigations Manager - C

Employer
KPMG
Location
London, United Kingdom
Salary
Competitive
Closing date
18 Feb 2021

Sector
Consultancy
Job Role
Risk Analyst
Job Type
Permanent
Job description
Incident Response & Investigations Manager - C

KPMG is building a new UK Information Security Practice to ensure a coordinated response to the increasing cyber security threat, enable risk decisions to be made consistently across the organisation and establish sustainable security capabilities that are integrated with the business. This role is the Incident Response & Investigations Manager within the KPMG UK Security Operations Centre (SOC).

The job purpose is to:
• Provide daily operational oversight of the Incident Response & Investigations Team (IRIT) in relation to both technical and non-technical incidents.
• Play a leading role in the management of P1 and P2 Security Incident investigation, including identifying key enquiries and allocating IRIT resources.
• Produce and amend IR&I team processes, guidance and playbooks as required.
• Support the development of IR&I team members.
• Lead Post Incident Reviews into KPMG UK Security Incidents; sharing IR&I team findings and outputs with key stakeholders.
• Maximise the effectiveness of the IRIT in preventing, identifying and managing Security Incidents through continual liaison with the Monitoring and CTI teams.

Role
The scope of the role covers operational responsibility for KPMG's ability to respond to and investigate identified Information Security Incidents.

The IRIT Manager will:

• Manage all day-to-day activities for the KPMG SOC Incident Response & Investigation capability to ensure the effective operation of incident response and further investigations.
• Ensure Incident Response Investigation procedures and documentation are up to date, maintained and followed.
• Be responsible for building and maintaining strong relationships with key stakeholders, such as Information Security leadership, Business Information Security Officers and Engagement/Capability Leads.
• Work closely with the Global SOC to share information and manage globally identified incidents.
• Provide a tailored approach to investigations involving a range of stakeholders by proportionately applying security capabilities in response to identified risks.
• Act as an SME for complex information security incident response concerns, issues and problems.
• Operationally lead and manage a team of Incident Response Analysts in delivering KPMG UK's own Security Incident Response to both technical and non-technical information security incidents.
• Act as SPOC for Law Enforcement.
• Be responsible for collaborating with any designated direct staff to ensure performance objectives, career path options, and work assignments are all clearly documented, understood and reviewed.

Person

Overall work experience in the field

• Substantial hands-on experience in Information Security Incident Response and Investigation.
• Substantial experience leading and supervising serious and complex investigations.
• Strong experience of managing investigative teams.
• Knowledge of relevant legislation governing investigations and experience of applying this practically.
• Experience of conducting evidential interviews.
• Experience leading teams in high-pressure environments.
• Extensive experience of investigative techniques and evidence gathering.
• Proven work experience either for or with Law Enforcement organisations with practical knowledge of police powers, laws and the legal system as it relates to investigations and prosecution of offenders.
• Ability to act as KPMG UK SOC special point of contact for Law Enforcement organisations.
• Experience with technologies, tools and process controls to minimise risk of Information Security Incidents.
• Experience in internal stakeholder liaison such as Client Engagement Teams, HR, Office of General Counsel and Technology Teams.

Education / Certifications

• Information Security and/or Information Technology industry certification (desirable).

Skills / abilities

• Relationship management and an articulate communication ability.
• Strong facilitation, negotiation and conflict resolution skills.
• Strong analytical skills.
• Team player.
• Ability to apply analytical rigour to understand complex scenarios.
• Fluent in English.
