Manager, Information Security Innovation Accelerator Engineer (GT&K)

At KPMG, you’ll join a team of diverse and dedicated problem solvers, connected by a common cause: turning insight into opportunity for clients and communities around the world.

We are seeking a talented and innovative Security Engineer to join our Global Security Operations Center (GSOC) team. This role focuses on Innovation, ensuring that automation supports and is part of any operationalization activities while leveraging DevOps principles to enhance security operations. The ideal candidate will possess expertise in Palo Alto Cortex, Azure technologies including Logic Apps and Microsoft Sentinel, and ServiceNow, and be responsible for building, improving, and maintaining automated workflows to streamline security monitoring and incident response.

• Ensure continuous improvement to GSOC processes and technology through automation.
• Support the Innovation Lead and liaise with KPMG teams, business stakeholders, and vendors to design and setup activities at different stages of a technical project.
• Installation, management, maintenance and support of GSOC technologies hosted on multiple environments including physical Data Centers, Azure public cloud and O365.
• Monitor systems, identify/resolve issues, prepare status reviews and reports; Compile and maintain the necessary documentation of all system designs, builds and modifications.
• Responsible for coordination and delivery of user training and training material.
• Manage support cases to ensure issues are recorded, tracked, resolved, and follow-ups are done in a timely manner.

• 3 years’ experience automating security workflows using scripting languages such as Python, PowerShell, or Bash. 3 years’ experience with Query Languages preferably KQL. 3+ years of experience working as a Security Engineer or in a Security Operations Center (SOC) environment.
• Bachelor’s degree, Master’s, or PhD in Computing, Information Security, or related field (or equivalent work experience). Certifications such as CISSP, CISM, AWS Certified Security – Specialty, Azure Security Engineer are a plus.
• Familiarity with threat intelligence platforms and SIEM tools. Strong hands-on experience with automation and Azure Security technologies (including Azure Sentinel, Logic Apps, etc.). Expert in scripting or development languages e.g. Python, and a query language e.g. KQL.
• Deep understanding of security technologies, principles, and best practices related to incident response and threat detection.
• Proven expertise in DevOps tools and practices (e.g., Git, Jenkins, Terraform, Docker, Kubernetes).