Regional Information Security Manager - Incident Response

Location: Birmingham, Bristol & Other locations

Capability: International

Job details

Location: Birmingham, Bristol, Glasgow, London, Manchester, Milton Keynes, Reading, Watford

Experience Level: Senior Manager

Type: Full Time

Business Area: KPMG International

Contract type: Permanent

Job description

About KPMG International

Together with more than 276,000 colleagues in 138 countries throughout our member firms, people at KPMG imagine big ideas and bring solutions to life for clients both big and small. A role with KPMG International will open a world of opportunity in your career.

KPMG International helps set the strategy and protects the reputation of this global organization of independent professional services firms providing Audit, Tax and Advisory services. We deliver value to our member firms and drive positive change in the communities we serve. By joining us you will gain a unique understanding of how a global organization operates and work on projects that impact the whole organization. From setting standards and best practices to developing innovative tech-enabled solutions for clients, you'll be part of a global team changing the way our business operates. We look forward to welcoming you to our team.

About this Global Group

Global Digital (formerly GT&K)

The core services provided by Global Technology & Knowledge are more crucial than ever to our future, as we enable KPMG’s digital transformation, provide trusted technology services, ensure security across the network and accelerate our Collective Strategy.

 

Our ways of working are based on the principles of customer-centricity, communities of expertise, an optimized delivery model, flexibility, a culture of empowerment, and fulfilling careers.

 

We are organized under five new ‘domains’: Technology Portfolio Delivery, Global Enterprise Technology, Technology Strategy & Blueprint, Global Information Security Group and Business Operations.

 

This is an exciting time for us as we continue to drive technology excellence at the heart of Collective Strategy v3.0, and our GT&K colleagues all play a pivotal role in making this a success.

About this Team

Global Information Security Group (GISG) is one of five domains within KPMG’s Global Digital group. GISG provides information protection and technology infrastructure and services that secure KPMG’s technology environment and connect its network of member firms. GISG works with the other GD domains to ensure that appropriate security controls are in place for KPMG technology solutions.

GISG is responsible for:

  • Developing and implementing global security strategies
  • Overseeing security architecture and enablement
  • Delivering regional security services
  • Supporting secure digital transformation initiatives
  • Collaborating with member firms to ensure consistent security standards

Role summary

  • Advise member firms on the implementation of KPMG information risk and security standards / requirements related to Incident Management.
  • Recommend and support member firms to enforce defined security policies and global technology standards.
  • Maintain an up-to-date knowledge base following global incident trends, security advisories and alerts, information on global standards and best practices.
  • Vulnerability management and controls validation: Evaluating and selecting vulnerability assessment and other security assessment capabilities, as well as deploying, operating and maintaining these technologies and adjacent processes
  • Closely follow security trends, vulnerabilities and cyber security threats, and provide feedback to Global security. Actively communicate and keep abreast of the latest trends in threat intelligence and incident response.
  • Advise member firms how to best manage local incident response training to ensure readiness across regions.
  • Advise and support member firms in improving the effectiveness of their event and incident management operation.
  • Monitor and report a consolidated regional view of global technology standard adoption status and take action by following up on findings.
  • Lead the assessment and provide recommendations on any exceptions to policies or standards.
  • Lead and oversee regional incident triage activities and tracking of critical cybersecurity incidents from initial detection through final resolution.
  • Lead and oversee incident escalation towards member firms and global teams.
  • Work with Global security on red / blue teaming activities at a regional level.
  • Setting up and leading a community within the EMA region with respect to technical trends, vulnerabilities and incidents.
  • Lead and oversee compliance with any applicable regulatory requirements for cyber incident

Key Accountabilities

  • Advise member firms on Global security standards for incident response and issues (adopting, monitoring)
  • Deliver security reporting for incident response, escalations, and opportunities into Regional Information Security Officer (RISO)
  • Facilitate meetings with Member Firms on implementation of incident management processing and tools, including best practices
  • Capture specific Member Firm requirements for services and act as a conduit into RISO to recommend service updates.
  • Provide support into Member Firms on incident management related matters.
  • Support Security Incident Response processes across the Region

Experience / Knowledge / Qualification

  • Bachelor's degree in Computer Science, Information Security, Information Systems, Computer Engineering, or a related field is required.
  • Proven experience developing or managing enterprise-level security programs (focus on Incident Management).
  • At least one industry certification preferred (e.g. CISSP, CISA, CISM, CRISC, ISSAP).
  • Background working on large-scale international services and the ability to manage multiple processes and service delivery at once while building constructive working relationships across the different teams, functions, cultures, genders and demonstrating KPMG behaviors and values.
  • Security Operations / Incident Management / Managed Security Services experience preferred
  • Working knowledge of multiple security topics such as threat intelligence, vulnerability management products, firewall management or endpoint protection
  • Deep knowledge of cyber kill chain and understanding of threat intelligence lifecycle.
  • Strong knowledge of computer networking concepts and protocols (including OSI and TCP/IP layer models) and network security methodologies.
  • Strong knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
  • Experienced in deployment and maintenance of Microsoft products
  • Keeps abreast of security related technology, practices and regulations in the marketplace and validates tools for use to improve the Managed Security Services offerings
  • Experience in working in a matrix management environment.
  • Working knowledge of common IT security-related regulations and/or standards such as Sarbanes-Oxley and ISO highly desired.
  • Strong oral and written communication skills.
  • Must have strong analytical and critical-thinking skills.
  • Expertise in conducting incident response activities and seeing incidents through to successful remediation across multiple geographies.

Agile/Flexible Working

At KPMG International, we are supportive of helping you to achieve a balance between your home and work demands. We are happy to discuss individual requirements and our range of flexible working arrangements could be of interest. Please ask to find out more.

 

KPMG International's commitment to inclusion & diversity

At KPMG International, we recognise that we need inclusion and diversity to be successful. We want to attract, retain and develop diverse talent at all levels. This means recruiting from the widest pool of talent across our network and beyond, removing barriers that can prevent our people from reaching their full potential, and fostering a fully inclusive environment which empowers everyone to bring their whole selves to work.

 

Applying with a disability

KPMG International is proud to be an inclusive place to work and we are committed to ensuring that you are treated fairly throughout our recruitment process. Should you be successful after the initial application stage, please discuss any reasonable adjustments that you may require with your recruitment contact.

 
