Information Security Automation Specialist

Job Title/Req Number: Information Security Automation Specialist 106271

Base Location: Anywhere in the UK, including London, Manchester, Birmingham or Edinburgh, plus a network of 20 offices nationwide.

KPMG International is a global organization of independent professional services firms providing Audit, Tax, and Advisory services. We help set strategies, protect reputations, and deliver value to our members and communities. Joining us offers a unique perspective on global operations and involvement in impactful projects.

Our Global Technology & Knowledge team plays a crucial role in enabling digital transformation, providing trusted technology services, ensuring network security, and driving our Collective Strategy. We foster a customer-centric, empowered, and flexible working culture.

As part of the Global Information Security Group (GISG), the Information Security Services (ISS) team, including the Global Security Operations Center (GSOC), defends against cyber threats through detection, investigation, and remediation.

1. Develop SOAR playbooks, program APIs, automate tasks, and maintain tools across multiple environments including data centers, Azure, and O365.
2. Coordinate with vendors, internal teams, and stakeholders during project phases.
3. Document system designs, builds, and modifications.
4. Deliver user training and prepare training materials.
5. Monitor systems, troubleshoot issues, and prepare reports.
6. Manage support cases, ensuring timely resolution and follow-up.

1. Intermediate to advanced software development and programming skills.
2. Preferred: Information or Cyber Security qualification (e.g., CompTIA, CISSP, CEH).
3. Experience with RESTful APIs and development.
4. Excellent communication skills.
5. Ability to document processes professionally.
6. Experience working with vendors and solution providers.
7. Proficiency in modern programming languages.
8. Experience integrating disparate systems via APIs.
9. Knowledge of automation, workflows, orchestration, and BPM.
10. Ability to query large datasets.
11. Experience in operational roles with strict SLAs.

• Experience in Security Operations environments.
• Familiarity with SIEM solutions like Azure Sentinel.
• Experience with SOAR tools such as XSOAR or Azure Logic Apps.
• Knowledge of query languages like KQL.
• Good understanding of Microsoft Azure and O365.
• Experience managing Unix/Linux servers.

Core hubs include Glasgow, Leeds, London Canary Wharf, and Manchester. We offer flexible working arrangements across the UK, including office, remote, part-time, and flexible hours.

Explore more about our divisions and initiatives like Tech and Engineering, Women in Tech, and Disability Confidence. For support in applying, please contact our recruitment team.