Manager, Global CSIRT Senior Analyst

Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Seramount, Fair360 and others. If you're as passionate about your future as we are, join our team.

KPMG is currently seeking a Manager to join our Global Technology & Knowledge Group which is part of KPMG International.

• Triage alerts reported by Global Security Operations Center (GSOC), Global functions and KPMGs network of member firms, including clients, supply chain and from Security tooling like Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Extended Detection and Response (XDR), and Security Information and Event Management (SIEM)
• Contribute to root cause analysis to determine the origin, as well as impact of incidents and support preparation of detailed reports
• Collaborate with teams across Legal, HR, Compliance, Global Enterprise Technology (GET), Global Functions, RSD and key Member Firms to ensure appropriate incident handling and communications aligned to best practices
• Identify gaps in detection and response processes and recommend improvements including the development and refinement of playbooks and standard operating procedures (SOPs) for cyber and data-related incidents
• Support security awareness initiatives related to data handling and incident management and reporting
• Provide delivery of training to first-line responders and KPMG member firm security teams on incident escalation procedures

• Minimum five years of recent experience in incident response, preferably with a focus on data protection, and privacy incidents within highly regulated industries, such as professional services, finance, healthcare, or energy
• Bachelor's, Master's, or PhD from an accredited college/university in computing, information security, or a related field (or equivalent professional experience); relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), GIAC Certified Incident Handler (GCIH), Global Information Assurance Certification (GIAC), GIAC Certified Forensic Analyst (GCFA) or Certified Information Privacy Professional are highly desirable
• Technical expertise in cybersecurity and incident response; experience with email security, cloud platforms, and endpoint protection, including an understanding of Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), SIEM, XDR and other security monitoring tools
• Demonstrate a strong background in incident response, data protection, and regulatory compliance, with the ability to work cross-functionally to mitigate risks and enhance our data security posture
• Familiarity with data protection regulations (such as GDPR, HIPAA, CCPA)
• Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future; KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H-1B, L-1, TN, O-1, E-3, H-1B1, F-1, J-1, OPT, CPT or any other employment-based visa)