Career Level Requirement

　　Experienced

　　Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you're as passionate about your future as we are, join our team.

　　KPMG is currently seeking a Senior Associate, Security Monitoring & Response to join our Enterprise Security Services organization. This is a remote work opportunity.

　　Responsibilities:Monitor for threats and vulnerabilities through a combination of automated and manual processes and respond accordingly as a continuous feedback loop; incorporate learnings into additional preventive and detective controls; research and develop risk mitigating approaches and drive response and remediationImplement automation and orchestration to improve efficiency and effectiveness of security monitoring and response processes; document processes and procedures in the form of playbooks and reference guides; stay abreast of the latest information security controls, practices, techniques, and capabilities in the marketplace, as well as evolving threatsParticipate in internal skills development activities for information security personnel on the topic of security monitoring and incident response; provide mentoring to junior team members; produce operating metrics and key performance indicators; perform some or all phases of incident response life cycle: analysis, containment, eradication, remediation, recoveryManage, test and document incident response processes; work with Managed Security Services Provider (MSSP) services and maintain vendor relationships; support personnel investigations; maintain external threats, assessing risk to the firm's environment and support risk mitigation and response activities.Incorporate external threat intelligence sources related to zero-day attacks, exploit kits and malware into detection tools; conduct forensics such as host-based disk and memory, as well as network and analysisExamine security monitoring use cases and develop and tune supporting content for security tools such as dashboards, alerts, reports, rules including but not limited to the configuration and monitor Security Information and Event Management (SIEM) platform and endpoint detection tools for security alerts; oversee data analysis in support of security event management processes, including root cause analysisQualifications:Minimum three years of recent and relevant experience in security monitoring, security operations, and incident response activities, preferably within a professional services firm or similar environmentBachelor's degree from an accredited college or university is preferred; SANS, CEH, or other DFIR related certification is preferred Experience with IT process definition and/or improvement; skilled in integrating security tools with IT infrastructure such as proxies, mail servers, Active Directory, workstations, and mobile devices; capability to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors; experience defining security monitoring rules, monitoring events, assessing risk, responding to incidents, and providing security oversight related to the security features of IT tools supported by the IT operations teams; knowledge of incident responseDirect involvement with network and systems administration skills with Linux, Windows, and Cloud, including Active Directory competence; strong troubleshooting and organizational skills and capacity to work on multiple activities simultaneously; great verbal/written communication, problem solving, analytical and independent judgment skills to support an environment driven by customer service and teamwork; must be able to positively influence, mentor and be a credible source of knowledge to less experienced team membersGood understanding of network and system intrusion and detection methods and mitigation techniques; experience with technologies such as Microsoft Sentinel, Next Generation Endpoint Protection Platforms (EPP), Security Information and Event Management (SIEM), hacking tools techniques and procedures; experience with malware analysis or endpoint lateral movement detection methodologies or host forensic tools; knowledgeable of some of the following: network protocol analysis, public key infrastructure, SSL, Microsoft Windows and Active Directory, LinuxMust possess scripting skills (Python, Shell/BASH) and use of open-source Linux security tools; experience with a threat monitoring program and related operational activities; previous experience developing SIEM content/use cases with specific experience writing content rulesU.S. citizenship is required

　　KPMG complies with all local/state regulations regarding displaying salary ranges. If required, the ranges displayed below or via the URL below are specifically for those potential hires who will work in the location(s) listed. Any offered salary is determined based on relevant factors such as applicant's skills, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. In addition, the firm is proud to offer a comprehensive, competitive benefits package, with options designed to help you make the best decisions for yourself, your family, and your lifestyle. Available benefits are based on eligibility. Our Total Rewards package includes a variety of medical and dental plans, vision coverage, disability and life insurance, 401(k) plans, and a robust suite of personal well-being benefits to support your mental health. Depending on job classification, standard work hours, and years of service, KPMG provides Personal Time Off per fiscal year. Additionally, each year the firm publishes a calendar of holidays to be observed during the year and provides two firmwide breaks each year where employees will not be required to use Personal Time Off; one is at year end and the other is around the July 4th holiday. Additional details about our benefits can be found towards the bottom of our KPMG US Careers site at " Benefits & How We Work ".

　　Follow this link to obtain salary ranges by city outside of CA:

　　KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.

　　KPMG does not currently require partners or employees to be fully vaccinated or test negative for COVID-19 in order to go to KPMG offices, client sites or KPMG events, except when mandated by federal, state or local law. In some circumstances, clients also may require proof of vaccination or testing (e.g., to go to the client site).