The world of global advisory, audit and tax compliance services for large multi-nationals is rapidly changing and heavily dependent on technology.
The KPMG Delivery Network (KDN) is a KPMG special purpose member firm offering a way for clients to leverage KPMG top talent and technology platforms through regional teams of specialists, enabling economies of scale and a new way of working that expands beyond local capability.
Together with KDN, KPMG member firms can drive the sales and delivery of global solutions at a competitive price and in a repeatable and consistent manner. As a member of KDN, you'll be a part of the KPMG family, working alongside some of our profession's most skilled practitioners on rewarding programs and initiatives that are changing the way business operates, delivering value to our clients and driving positive change in the communities we serve.
You'll be enabling KDN to accelerate new ways of working using cutting-edge technology, and working together with our member firms located in nearly 150 countries to help us achieve our ambition to be the most trusted and trustworthy professional services firm.
And through your work, you'll build a global network and unlock opportunities that you may not have thought possible, with access to great support, vast resources and an inclusive, supportive environment to help you reach your full potential.
Our KDN Bulgaria Cloud Services unit is focused on designing, building, securing and managing cloud native & hybrid platforms for the KPMG group of member firms, as well as providing cloud advisory and engineering services to external clients.
Your Responsibilities:
- Act as an escalation point for other security analysts in the SOC, including the 3rd-party MSSP
- Co-ordinate SOC team response and work with the Threat Detection Manager to improve triage processes
- Deputise for the Threat Detection Manager with full delegated responsibilities when required
- Proactively monitor the network security sensors, ensuring timely detection, investigation and remediation of potential threats in line with the incident management lifecycle
- Use the advanced security analytics toolsets to monitor for emerging threat patterns and vulnerabilities, and attempted or successful breaches
- Work closely with other KPMG teams to ensure that all technologies are actively monitored, including troubleshooting where necessary
- Interact with the Global Security Operations Centre (GSOC) & MSSP, including incident response and intelligence sharing, escalating to management where required
- Triage and manage incidents, events and queries from the business to the relevant resolver group
- Contribute to the Continual Service Improvement of the team's operations through proactive analysis, engagement and collaboration
- Detect, respond to and coordinate response for security events while capturing essential details and artefacts
- Operationalise actionable intelligence reports from the Threat Intelligence team and external sources
- Maintain event response documentation, participate in post-mortems and write event reports
- Contribute to projects that enhance the security posture of KPMG
- Identify trends, potential new technologies and emerging threats which may impact KPMG
- Review and prioritise alerts based on Standard Operating Procedures
- Review and triage suspected security events reported by staff members or Security Monitoring platforms
- Accurately document work in the Incident case management system as per defined standards
- Leverage multiple data sources to analyse detection alerts and staff-reported cyber-attacks to identify which events require response activities, based on Standard Operating Procedures
- Declare an incident and escalate it to the Incident Response team, ensuring findings have been accurately captured in the Incident case management system as per defined standards
- Ensure that cases are accurately categorised so that the appropriate feedback is provided to the Detection and Response Engineering team and to facilitate reporting
- Identify and record gaps in visibility and security posture through the course of investigations, as per defined Standard Operating Procedures
- Identify potential new detection logic and escalate to the Detection and Response Engineering team
- Hunt for threat indicators in log data and other available endpoint/network artefacts
What you bring in:
- Hands-on SIEM and EDR tooling knowledge and experience, including technologies such as Microsoft Sentinel, Microsoft Defender Suite, etc.
- Experience in end-to-end information security incident management and in mitigating and addressing threat vectors, including Advanced Persistent Threats (APTs), Distributed Denial of Service (DDoS), Phishing, Malicious Payloads, Malware, etc.
- Experience with Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Web Application Firewalls, firewall logs, system logs, web logs, application logs and Security Information and Event Management (SIEM) systems
- Experience with technologies, tools and process controls to minimise risk and data exposure
- Experience in search query languages such as KQL, OSquery or SPL
- Solid experience of working in Cloud environments such as AWS, Azure & GCP
- Experience with building threat-based Use Cases using frameworks such as MITRE ATT&CK
- Solid understanding of ISO 27001, Cyber Essentials/Essentials Plus, GDPR and other information security-related regulatory and compliance standards
- Understanding of security threats, attack scenarios, intrusion detection and incident management
- Ability to function effectively in a matrix structure
- Ability to deal with ambiguity and to keep a cool head when dealing with crisis or stressful situations
- Strong analytical skills
- Ability to apply analytical rigour and demonstrate business acumen to understand complex business scenarios
- Already holds or can be SC cleared
- Fluency in English
What we offer:
- The chance to work in a top talent team
- Attractive remuneration
- Build knowledge in cutting-edge technologies
- Opportunity for continuous training, learning and certification
- Experience in an international and multicultural organization
- Work on challenging projects with clients in various industries around the globe
- Modern office environment
- Additional health insurance
- Life insurance
- 50 benefits and services to choose from
- Hybrid working policy