GSOC (Global Security Operations Center) Incident Response Manager

Provide Bridge between GISG Operational teams and ITS Global Major Incident Management Process

• Coordinate Security Incident management activities across Regions


• Provide Member Firms with Incident Response advice and support through the regional model


• Provide guidance to GSOC Operational Teams on advice given to MF when escalating incidents


• Provide Regionally aligned situational awareness to MF's and GSOC Operational Teams


• Define, set up, and maintain repeatable Teams War Room structure


• Define, set up, and maintain communication structure and templates for the three below high level incident types. Assist in coordination with GCISO to link into board level and regulatory comms requirements


• Give Service Management the Security context of any Security Incident promoted to Major Incidents


• Assist in the delivery of Cyber War games and purple teaming activities


• Initiate US Advisory IR assistance requests


• Coordinate US Advisory IR activities when necessary, Provide Security Incident Management Framework and coverage between GISG and the ITS Global Service Management Major incident management process


• Define and maintain a collaborative workspace structure for Security incident management activities, to enable near real time exchange of incident related information.


• Oversee the establishment, and provide ongoing management, of a Regional Security incident management model. The model should be based on Security Incident management/Incident response staff in each region


• Provide Incident response advice to all customers based on existing and expected Threat scenarios


• Provide feedback to GSOC, ISS and GISG management on prevalent threats encountered by the regional Teams


• Act as a coordination point for Cyber War Games and Purple team activities


• Act as a coordination point for Incident Response engagements with US Advisory
  
  Experience of security incident response in a large, distributed organisation


• Experience working in, or alongside, Security Operations Centres in a large, distributed organisation


• Experience working across multi-disciplinary teams in relation to security incident management activities


• Demonstrate experience dealing with complex security related incidents


• Experience working in a hybrid legacy and cloud environment, Bachelor's degree in a related field (e.g. Computer Sciences, Computer Engineering, Information Technology and Security) or equivalent work experience


• Significant experience in ITIL based Incident management activities


• ITIL certification or equivalent experience


• GCIH certification or equivalent certification or experience


• Strong communication, reporting and documentation skills, proven ability to discuss with both business and technology management.


Intelligent Working

Through helping other organizations mitigate risks and grasp opportunities, we can drive positive, sustainable change for clients, our people and society at large. KPMG firms operate in 143 countries and territories, and in FY22, collectively employed more than 265,000 partners and people, serving the needs of business, governments, public-sector agencies, not-for-profits and through KPMG firms' audit and assurance practices, the capital markets. KPMG is committed to quality and service excellence in all that we do, bringing our best to clients and earning the public's trust through our actions and behaviors both professionally and personally.

We lead with a commitment to quality and integrity across the KPMG global organization, bringing a passion for client success and a purpose to serve and improve the communities in which KPMG firms operate. In a world where rapid change and unprecedented disruption are the new normal, we inspire confidence and empower change in all we do."

About the team

GISG (Global Information Security Group) is one of five domains within KPMG's Global Technology & Knowledge group. GISG provides the information protection and technology infrastructure that secures KPMG's technology environment and connects its network of member firms. GISG works with the other GT&K domains to ensure that appropriate security controls are in place for KPMG technology solutions., At KPMG International, we are supportive of helping you to achieve a balance between your home and work demands. We are happy to discuss individual requirements and our range of flexible working arrangements could be of interest. Please ask to find out more.

KPMG International's commitment to inclusion & diversity

At KPMG International, we recognise that we need inclusion and diversity to be successful. We want to attract, retain and develop diverse talent at all levels. This means recruiting from the widest pool of talent across our network and beyond, removing barriers that can prevent our people from reaching their full potential, and fostering a fully inclusive environment which empowers everyone to bring their whole selves to work., KPMG International is proud to be an inclusive place to work and we are committed to ensuring that you are treated fairly throughout our recruitment process. Should you be successful after the initial application stage, please discuss any reasonable adjustments that you may require with your recruitment contact.