Global CSIRT Senior Analyst

Global CSIRT Senior Analyst 

Base Location: London or fully remote with occasional London travel, see our network of 20 offices nationally: www.kpmg88careers.co.uk/experienced-professional/#LeBlender.OfficeLocations

About KPMG International

Together with more than 273,000 colleagues in 143 countries throughout our member firms, people at KPMG imagine big ideas and bring solutions to life for clients both big and small. A role with KPMG International will open a world of opportunity in your career.

KPMG International helps set the strategy and protects the reputation of this global organization of independent professional services firms providing Audit, Tax and Advisory services. We deliver value to our member firms and drive positive change in the communities we serve. By joining us you will gain a unique understanding of how a global organization operates and work on projects that impact the whole organization. From setting standards and best practices to developing innovative tech- enabled solutions for clients, you'll be part of a global team changing the way our business operates. We look forward to welcoming you to our team.

About this Global Group

Global Technology & Knowledge

The core services provided by Global Technology & Knowledge are more crucial than ever to our future, as we enable KPMG’s digital transformation, provide trusted technology services, ensure security across the network and accelerate our Collective Strategy.

Our ways of working are based on the principles of customer-centricity, communities of expertise, an optimized delivery model, flexibility, a culture of empowerment, and fulfilling careers.

We are organized under five new ‘domains’: Technology Portfolio Delivery, Global Enterprise Technology, Technology Strategy & Blueprint, Global Information Security Group and Business Operations.

This is an exciting time for us as we continue to drive technology excellence at the heart of Collective Strategy v3.0, and our GT&K colleagues all play a pivotal role in making this a success. 

About this Team

GISG (Global Information Security Group) is one of five domains within KPMG’s Global Technology & Knowledge group. GISG provides the information protection and technology infrastructure that secures KPMG’s technology environment and connects its network of member firms. GISG works with the other GT&K domains to ensure that appropriate security controls are in place for KPMG technology solutions.

As part of the Global Information Security Group (GISG), the Information Security Services (ISS) team which includes the Global Security Operations Center (GSOC) helps defend KPMG and its clients from cyber attacks, through timely detection, investigation and remediation of potential threats.

Role summary

The Cyber Security Incident Response Manager plays a pivotal role in identifying, investigating, and managing cyber and data handling incidents within KPMG’s Global Information Security Services (ISS) function. ISS delivers and oversees critical cybersecurity capabilities—including Security Monitoring & Response (SMR), Vulnerability Assessment & Secure Development (VASD), and Cyber Threat Intelligence (CTI)—across Global, Global Functions, and the broader KPMG network of member firms.

This position offers an exciting opportunity to join a progressive and innovation-driven security team, contributing directly to the evolution of the Cyber Security Incident Response Team (CSIRT) on a global scale. The role reports directly to the Global Cyber Security Incident Response (CSIRT) Lead.

The ideal candidate will bring knowledge in Cyber incident response, data protection, and regulatory compliance, along with the ability to collaborate effectively across functions to reduce risk and strengthen KPMG’s global data security posture.

Key Accountabilities

Incident Detection & Response

• Triage alerts reported by GSOC, Global functions and KPMGs network of member firms, including clients, supply chain and from Security tooling like DLP, CASB, XDR and SIEM.
• Contribute to the investigation and response to cyber and data handling incidents, including misdirected emails, unauthorized data access, and policy violations.
• Support containment, eradication, and recovery efforts for Cyber and data-related incidents.

Root Cause Analysis & Reporting

• Contribute to root cause analysis to determine the origin and impact of incidents.
• Document incidents thoroughly and support preparation of detailed reports for internal stakeholders and regulatory bodies as required.

Cross-Functional Integration & Alignment

• Collaborate with teams across Legal, HR, Compliance, Global Enterprise Technology (GET), Global Functions, RSD and key Member Firms to ensure appropriate incident handling and communications aligned to best practises.
• Contribute to the delivery of guidance and support on secure data handling practices.
• Support changes in standards and policies.

Process Improvement

• Identify gaps in detection and response processes and recommend improvements.
• Support the development and refinement of playbooks and standard operating procedures (SOPs) for cyber and data-related incidents.
• Support the evolution of the service.

Training & Awareness:

• Support security awareness initiatives related to data handling and incident management and reporting.
• Contribute to the delivery of training to first-line responders and KPMG member firm security teams on incident escalation procedures.

Experience / Knowledge / Qualification

1. Leadership & Strategic Experience
   1. Proven experience in incident response, preferably with a focus on data protection and privacy incidents within highly regulated industries such as professional services, finance, healthcare, or energy.
   2. Have a strong background in incident response, data protection, and regulatory compliance, with the ability to work cross-functionally to mitigate risks and enhance our data security posture. Technical Expertise in Cybersecurity & Incident Response
   3. Experience with email security, cloud platforms, and endpoint protection.
   4. Strong understanding of DLP, CASB, SIEM, XDR and other security monitoring tools.
   5. Proven ability to manage and/or support response to complex security incidents and data breaches.
   6. Strong troubleshooting and problem-solving skills, with the ability to remain calm and effective under pressure.
2. Risk, Governance & Regulatory Knowledge
   1. Strong understanding of cyber and data risk factors impacting information security.
   2. Familiarity with data protection regulations (e.g., GDPR, HIPAA, CCPA).
   3. In-depth knowledge of cybersecurity regulations, standards, and best practices.
   4. High level of integrity and professionalism, with a commitment to ethical conduct and confidentiality.
   5. Ability to obtain and maintain security clearance where required.
3. Communication & Stakeholder Engagement
   1. Exceptional communication and interpersonal skills, with the ability to collaborate effectively across diverse global stakeholders.
   2. Strong analytical skills with the ability to assess and mitigate risks and influence decision-making at senior levels.
4. Education & Certifications
   1. Bachelor’s, Master’s, or PhD in Computing, Information Security, or a related field (or equivalent professional experience).

Relevant certifications such as CISSP, CISM, GIAC (GCIH, GCFA), or CIPP are highly desirable.

Agile/Flexible Working

At KPMG International, we are supportive of helping you to achieve a balance between your home and work demands. We are happy to discuss individual requirements and our range of flexible working arrangements could be of interest. Please ask to find out more.

KPMG International's commitment to inclusion & diversity

At KPMG International, we recognise that we need inclusion and diversity to be successful. We want to attract, retain and develop diverse talent at all levels. This means recruiting from the widest pool of talent across our network and beyond, removing barriers that can prevent our people from reaching their full potential, and fostering a fully inclusive environment which empowers everyone to bring their whole selves to work.

For additional support in applying, please click the clinks to find out more:

• Applying to KPMG: www.kpmgcareers.co.uk/experienced-professional/applying-to-kpmg/
• Tips for interview: www.kpmgcareers.co.uk/experienced-professional/applying-to-kpmg/application-advice/
• KPMG values: www.kpmgcareers.co.uk/experienced-professional/applying-to-kpmg/our-values/
• KPMG Competencies: www.kpmgcareers.co.uk/experienced-professional/applying-to-kpmg/kpmg-competencies/
• KPMG Locations and FAQ: www.kpmgcareers.co.uk/faq/?category=Experienced+professionals

• KPMG Locations and FAQ: www.kpmgcareers.co.uk/faq/?category=Experienced+professionals