Business Title: Sr. Associate, Security Monitoring & Response

Requisition Number: 112084 - 90

Function: Business Support Services

Area of Interest:

State: TX

City: Houston

Description:

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you're as passionate about your future as we are, join our team.

KPMG is currently seeking a Sr. Associate, Security Monitoring & Response to join our Enterprise Security Services organization. This is a remote work opportunity.

Responsibilities:

• Monitor for external threats, assessing risk to the firm's environment and support risk mitigation and response activities; perform some or all phases of incident response life cycle: preparation, identification, containment, eradication, recovery and lessons learned

• Document, test, and manage incident response processes and support personnel investigations; Conduct forensics (such as host-based disk and memory, as well as network) and analysis; incorporate external threat intelligence sources related to zero-day attacks, exploit kits and malware into detection tools

• Define security monitoring use cases and develop and tune supporting content for security tools (for example: dashboards, alerts, reports, rules), including but not limited to the configuration and monitor security information and event management (SIEM) platform and endpoint detection tools for security alerts; perform data analysis in support of security event management processes, including root cause analysis

• Team shared responsibilities include monitor for threats and vulnerabilities through a combination of automated and manual processes and respond accordingly; incorporate learnings into additional preventive and detective controls as a continuous feedback loop

• Research and develop risk mitigating approaches and drive response and remediation; implement automation and orchestration to improve efficiency and effectiveness of security monitoring and response processes; document processes and procedures in the form of playbooks and reference guides

• Stay abreast of the latest information security controls, practices, techniques and capabilities in the marketplace, as well as evolving threats; participate in internal skills development activities for information security personnel on the topic of security monitoring and incident response; provide mentoring to junior team members; produce operating metrics and key performance indicators

Qualifications:

• Minimum three years of recent and relevant experience in security monitoring and incident response activities, preferably within a professional services firm or similar environment

• Bachelor's degree from an accredited college or university is preferred; SANS DFIR/Incident handling certifications, Microsoft Sentinel experience and CISSP preferred

• Experience with IT process definition and/or improvement, defining security monitoring rules, monitoring events, assessing risk, responding to incidents and providing security oversight related to the security features of IT tools supported by the IT operations teams; knowledge of incident response lifecycle; background in IT process definition and / or improvement; previous experience with technologies such as eXtended Endpoint Detection & Response (XDR), security information and event management (SIEM), Digital Forensics collection and analysis, hacking tools techniques and procedures; experience with malware analysis or endpoint lateral movement detection methodologies or host forensic tools

• Effective at utilizing security tools in a large Enterprise IT infrastructure such as proxies, mail servers, Active Directory, workstations and mobile devices; capability to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors; understanding of network and system intrusion, detection methods and mitigation techniques; comprehension of some of the following: network protocol analysis, public key infrastructure, SSL, Microsoft Windows and Active Directory, Linux; scripting skills (Python, Shell/BASH) and prior use of open source Linux security tools; experience with a threat monitoring program and related operational activities

• Strong troubleshooting and organizational skills and ability to work on multiple activities simultaneously; hands-on network and systems administration skills with Linux and Windows, including Active Directory competence; practical experience in security operations, investigations in cloud environments and networking infrastructure

• Excellent verbal/written communication, problem solving, analytical and independent judgment skills to support an environment driven by customer service and teamwork; able to positively influence, mentor and be a credible source of knowledge to less experienced team members

• US Citizenship is required

KPMG complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, the firm is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year the firm publishes a calendar of holidays to be observed during the year and provides two firmwide breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at 'Benefits & How We Work (https://www.kpmguscareers.com/why-kpmg/#benefits) '.

Follow this link to obtain salary ranges by city outside of CA: https://www.kpmg.us/work-for-kpmg/pay-transparency.html/?id=4347_9_24

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link ( https://assets.kpmg.com/content/dam/kpmg/us/pdf/2018/09/eeo.pdf) contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.

KPMG recruits on a rolling basis. Candidates are considered as they apply, until the opportunity is filled. Candidates are encouraged to apply expeditiously to any role(s) for which they are qualified that is also of interest to them.

KPMG does not currently require partners or employees to be fully vaccinated or test negative for COVID-19 in order to go to KPMG offices, client sites or KPMG events, except when mandated by federal, state or local law. In some circumstances, clients also may require proof of vaccination or testing (e.g., to go to the client site).

GL: 5

GF: 15310