Service Line Overview

Information Technology Services (ITS) is a single, integrated service organization with global, national and practice-based components that work together to meet service expectations and deliver priority projects to KPMG China.

About The Role

As a part of the Security Operations Centre, you will work with a team of SOC analysts to deliver professional cyber security services, which spans the full range of security monitoring, incident investigation, response and reporting, threat intelligent and vulnerability management, and other security analytics functions.

Key Responsibilities

The role is responsible for the determination and escalation of all prioritized incidents, the communication with other teams and global SOC, as well as being the technical representative when call upon.
• Prepare and maintain the Security Event and Incident Response (SEIR) Plan
• Ensure the incident response team has the necessary personnel, resources and skillsets to handle cyber security incidents
• Acting as liaison with upper management and other teams in handling security incidents
• Ensure the quality of (24x7) round-the-clock security monitoring services
• Review scope of incident impact and severity
• Evaluate security analytics solutions

Experience & Background

• Bachelor’s degree, with a major in IT or other relevant disciplines.
• 5+ year experience in IT Security / SOC / incident detection and response field.
• 3+ year experience in a team management role.
• Holder of CISSP, CISM and/or CISA preferred.
• Proven experience in incident detection & response in multi-cloud and hybrid-cloud environments.
• Experience in data analytics, process automation, and application development will be an advantage.
• Proven experience in SIEM, SOAR and TIP tools, develop and enhance IR playbook, security solutions evaluation and recommendations.
• Technical knowledge of MITRE ATT&CK, Cyber Kill Chain, NIST.
• Experience with endpoint security products, firewall technologies, threat intelligence, penetration tests, information security principles and practices will be an advantage.
• Experience with China brand security vendors will be an advantage.
• Strong desire to develop and follow standards and procedures.
• Strong communication skills in both Chinese and English.