EWT Security | Consultant - Threat Detection Analyst
Bengaluru, Karnataka, India
KPMG India
KPMG is a global network of professional firms providing Audit, Tax and Advisory services.
The Team/Role:
Working as part of the KPMG Security Operations Centre team within Information Security, you will play a key role in ensuring that the business IT systems are protected and monitored from threats. You will participate in the active monitoring of applications, systems, and networks to detect issues and ensure that appropriate actions are taken as part of the Incident Response process.
Key Responsibilities
- Proactively monitor the network security sensors ensuring timely detection, investigation, and remediation of potential threats in line with the incident management lifecycle
- Triage and manage security events in the SIEM platform as per Standard Operating Procedure and escalate to L2 team as required
- Accurately document work in Incident case management system as per defined standards
- Leverage multiple data sources to analyse detection alerts and staff reported cyber-attacks to identify which events require response activities based on Standard Operating Procedures
- Declare an incident and escalate it to Incident Response team, ensuring findings have been accurately captured in the Incident case management system as per defined standards
- Ensure that cases are accurately categorised so that the appropriate feedback is provided to the Detection and Response Engineering team and to facilitate reporting
The Person
- Hands-on experience within a Security Operations Centre is preferred
- Familiarity with AWS and Azure environment and security toolsets used in these environments
- Proven ability with Security Incident and Event Management (SIEM) systems
- Experience with Intrusion detection/prevention systems, including Microsoft Security tools
- Practical and current knowledge of the Cyber Security threats landscape
- Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute)
- Knowledge of computer networking concepts and protocols, and network security methodologies
- Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
- Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored)
- Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks)
- Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and directory services
Soft skills and experience
- Experience of working within a Security Operations environment
- Proven customer service skills and experience
- Ability to read and interpret data including security, system, application, and device specific logs
- Excellent analytical skills and solutions-oriented approach
- Ability to work in high-demand, busy environments
- Ability to quickly learn new technologies and systems. A methodical approach with accuracy is essential
- Ability to develop and maintain effective working relationships with members of the different KPMG teams in the UK and globally
Tags: AWS Azure DNS Incident response Intrusion detection Monitoring Network security SIEM TCP/IP Threat detection
Perks/benefits: Team events