Manager, Content Development - Security Monitoring & Response Tools
Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you're as passionate about your future as we are, join our team.
KPMG is currently seeking a Manager, Security Monitoring & Response to join our Enterprise Security Services organization. This is a remote work opportunity.
- Provide input into the security monitoring and response strategy (or subcomponents); manage plans that align with the strategy; track progress against plans
- Perform as the service owner for related technologies and services; create and maintain system documentation for security tools; perform system health checks; create test cases, scripts and lead the upgrade of security tools
- Identify opportunities for efficiencies, as well as for improvements in security controls; lead the design and implementation of related improvements
- Expand the usage of security monitoring tools to improve the security of the environment, including detection, prevention and policy enforcement; define security configuration for monitoring tools, including alerts, correlation rules, and reporting; leverage a combination of vendor products and services, open source and custom developed utilities
- Drive automation and orchestration to improve efficiency and effectiveness of security monitoring and response processes
- Integrate processes and technologies, with the objective of the continued development of a "single pane of glass" for monitoring and comprehensive security response process
- Minimum five years of recent security monitoring experience, security operations, and incident response activities; preferably within a professional services firm or similar environment, experience with IT process definition and/or improvement
- Bachelor's degree from an accredited college or university is preferred; preferred certifications include: CISSP and either CCSP or CCSK; Other certifications of importance: MCSE: Cloud Platform and Infrastructure, AWS Certified Solutions Architect
- Experience defining security monitoring rules, monitoring events, assessing risk, responding to incidents and providing security oversight related to the security features of IT tools supported by the IT operations teams
- Solid experience in architecture, design, and administration of security monitoring tools, such as firewalls, IDS/IPS, proxies, SIEM, etc., as well as experience in performing manual and/or automated security configuration reviews of network devices, servers, and workstations
- Ability to integrate security tools with IT infrastructure such as proxies, mail servers, Active Directory, workstations and mobile devices, and more; strong knowledge of incident response and crisis management; ability to identify both tactical and strategic solutions
- Proven experience in identification and remediation of system, network, and application vulnerabilities; validating vulnerability scanning results and false positives; performing vulnerability assessments using Qualys or other vulnerability assessment tools
- US Citizenship is required
California Salary Range: $109100 - $229700
KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, citizenship status, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.
KPMG does not currently require partners or employees to be fully vaccinated or test negative for COVID-19 in order to go to KPMG offices, client sites or KPMG events, except when mandated by federal, state or local law. In some circumstances, clients also may require proof of vaccination or testing (e.g., to go to the client site).