Senior Manager, GSOC Operations Manager

Job description

About KPMG International

Together with more than 273,000 colleagues in 143 countries throughout our member firms, people at KPMG imagine big ideas and bring solutions to life for clients both big and small. A role with KPMG International will open a world of opportunity in your career.

KPMG International helps set the strategy and protects the reputation of this global organization of independent professional services firms providing Audit, Tax and Advisory services. We deliver value to our member firms and drive positive change in the communities we serve. By joining us you will gain a unique understanding of how a global organization operates and work on projects that impact the whole organization. From setting standards and best practices to developing innovative tech- enabled solutions for clients, you'll be part of a global team changing the way our business operates. We look forward to welcoming you to our team.

About this Global Group

The core services provided by Global Technology & Knowledge are more crucial than ever to our future, as we enable KPMG’s digital transformation, provide trusted technology services, ensure security across the network and accelerate our Collective Strategy. Our ways of working are based on the principles of customer-centricity, communities of expertise, an optimized delivery model, flexibility, a culture of empowerment, and fulfilling careers. We are organized under five new ‘domains’: Technology Portfolio Delivery, Global Enterprise Technology, Technology Strategy & Blueprint, Global Information Security Group and Business Operations. This is an exciting time for us as we continue to drive technology excellence at the heart of Collective Strategy v3.0, and our GT&K colleagues all play a pivotal role in making this a success

About this Team

As part of the Global Information Security Group (GISG), the Information Security Services (ISS) team which includes the Global Security Operations Center (GSOC) helps defend KPMG and its clients from cyber-attacks, through timely detection, investigation and remediation of potential threats

Role summary

The GSOC (Global Security Operations Center) Operations Manager is accountable for the daily running of the Security Monitoring and Response (SMR) service within GSOC. In addition, the role has management responsibilities for Levels 1, 2 and 3 teams. This role will be on the rota for the cyber commander and be the central point of contact point for the service and member firms. As such, the GSOC Operations Manager is responsible for timely response to incidents and Managing KPI's for the services it is responsible for

Key Accountabilities

• Responsible for the operational delivery of GSOC SMR service, including Security Monitoring and Response (SMR) - Cloud and Traditional and Cyber Threat Intelligence (CTI) and Security Incident Management. Ensuring all associated documentation for BAU activities are up to date.

• Responsible for the Advance Analytic and Threat Intelligence, including threat modeling and content use case management.

• Accountable for the GSOC SMR operational staff across multiple regions, resourcing, attrition rate and performance management activities.

• Support projects for enhancements to existing or new services to ensure all GSOC SMR operational requirements are captured.

• Ensure identified threats are mapped to detection logic for all new and existing environments (traditional / cloud).

• Coordinates with external stakeholders for all day-to-day matters relating to GSOC SMR services delivered to member firms.

• Support Audit questions for services this role has responsibility over.

Experience / Knowledge / Qualifications

• Bachelor’s degree in Computer Science, Computer Networking or Computer Security, or equivalent, Master’s Degree preferred
• Relevant security experience, with IT experience
• CISSP/CISM certifications, or equivalent
• One or more of the following certifications :

• GSEC (GIAC Security Essentials Certification)
• GISP (GIAC Information Security Professional)
• GCIH (GIAC Certified Incident Handler)
• CCFP (Certified Cyber Forensics Professional)
• CCNP (Cisco Certified Network Professional)

• Advanced understanding of information security, security incident management and response, endpoint protection and forensics
• Strong understanding of computer science: algorithms, data structures, databases, operating systems and networks
• Experience of monitoring for threat in traditional (on-premise) and cloud (Azure, Google, AWS) environments
• Experience of Threat Modeling frameworks including Mitre ATT@CK, LM Cyber Kill Chain, STRIDE.
• Understanding and experience using various security related exploits and tools
• Understanding and experience using various Project Management methodologies
• Strong ability to communicate: write clearly and speak authoritatively to different audiences
• Supporting ISO/SOC2 type audits.
• Ability to travel up to 25% of time, valid passport/travel documents required

Agile/Flexible Working

At KPMG International, we are supportive of helping you to achieve a balance between your home and work demands. We are happy to discuss individual requirements and our range of flexible working arrangements could be of interest. Please ask to find out more.

KPMG International's commitment to inclusion & diversity

At KPMG International, we recognise that we need inclusion and diversity to be successful. We want to attract, retain and develop diverse talent at all levels. This means recruiting from the widest pool of talent across our network and beyond, removing barriers that can prevent our people from reaching their full potential, and fostering a fully inclusive environment which empowers everyone to bring their whole selves to work.

Applying with a disability

KPMG International is proud to be an inclusive place to work and we are committed to ensuring that you are treated fairly throughout our recruitment process. Should you be successful after the initial application stage, please discuss any reasonable adjustments that you may require with your recruitment contact.