Add office photos

KPMG India

Compare

based on 5.6k Reviews

1051 KPMG India Jobs

Technology Consulting-DT GSOC Executive

KPMG India

based on 5.6k Reviews

6-8 years

Bangalore / Bengaluru

1 vacancy

Technology Consulting-DT GSOC Executive

KPMG India

posted 4mon ago

Flexible timing

Key skills for the job

+ 4 more

About KPMG in India

Has Previous security operations center experience.
Microsoft Certified: Security Operations Analyst Associate (SC-200),
Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900),
Should be able to effectively participate and contribute to investigations with along with managers/leads in the UK and US
Should be well versed with in MITRE ATT&CK framework & NIST standard
Willing to work in different time zones.

With experience of investigating, or involvement in an active cyber incident will be preferred

Equal employment opportunity information

Develop and implement custom analytics rules within Microsoft Sentinel to identify security threats and anomalies.
Leverage KQL and other tools to create custom detection on Microsoft Defender XDR - MDE & MDCA.
Create advanced detection rules based on business requirements & SOC Use Cases.
Work with SIEM and SOAR solutions at scale.
Collaborate with other security teams to identify and prioritize security requirements and develop effective solutions.
Update the code (KQL) on analytical rule for finetuning the false positive incidents.
Stay up to date with the latest security threats and trends and apply this knowledge to improve our security posture.
Perform content enrichment depending on feedback received from security analysts
Have a strong understanding of Cloud Security and Networking Concepts and practices.
Helps to create reports that properly present the key risk and performance indicators.
Communicating & reporting concise summaries of complex scenarios & information across diverse and senior stakeholder groups.
Design, maintain Content Management standard operating procedures (SOP), processes and guidelines.
Report preparation for leads and management review with data from dashboards & reports.

Skills and Experience required:

Strong understanding of JSON, Kusto Query Language (KQL) and PowerShell languages.
Experience analyzing data from cybersecurity monitoring tools such as SIEM / SOAR platforms, host and network logs, firewall and IPS/IDS logs and email security gateway.
Strong understanding of security operations concepts: perimeter defense, endpoint management, data leak prevention, kill chain analysis and security metrics.
Knowledge of the common attack vectors on various layers.
Knowledge and experience working with the Cyber Kill Chain Model, MITER ATT&CK Matrix.
Experience with Security Operations Center, SIEM management & solutions ownership.
Knowledge of various security methodologies and technical security solutions.
Conduct an audit of the platform configuration to optimize it.
Optimizing the way logs are processed and leveraged by SOC team members.
Knowledge on schemas of Microsoft Defender XDR solutions (Microsoft Entra ID and ID protection, Microsoft Defender for Endpoint, Microsoft Defender for Cloud apps, Microsoft Purview Information Protection) and Microsoft 365.
Knowledge of schemas with security events logs from Microsoft windows server.
Experience of working within a regulatory/controlled environment.
Understanding of Cyber Security Risk and mitigation strategies.