SOC Analyst

Overview:
At KPMG, you’ll join a team of diverse and dedicated problem solvers, connected by a common cause: turning insight into opportunity for clients and communities around the world.

Are you a talented individual with a proven track record on executing project deliverables.

Our Cyber Managed Services team in Toronto is looking for a professional like you with the skills and drive to make a real difference.

What you will do:

- Receive escalation from L1 SOC analyst to determine increased risk to the business
- Review log data against security technology rules and filters to propose further improvements to threat detection
- Coordinate with SIEM Engineers to tune events, improve event correlation, performance, and alerts
- Develop, create and maintain incident response playbooks. This includes identifying areas of potential improvement by reviewing redundant tasks, security incidents and providing task automation suggestions
- Perform log analysis from multiple data sources to analyze technical data, extracting Tactics, Techniques, Procedures (TTP) and malware attributes
- Provide support in the analysis of critical events and security tickets to evaluate the effectiveness and efficiency of the incident management process and develop any necessary improvement plans.
- Maintain up-to-date understanding of security threats, countermeasures, security tools and Cloud Security and SaaS technologies.
- Experience tracking incidents against a framework such as SANS and MITRE ATT&CK.
- Provide technical and thought leadership within SOC by teaching other SOC Analysts about both traditional and unconventional ways to detect, analyze, and mitigate security incidents.
- Act as Subject Matter Expert (SME) trainer for analyst functions, providing support on more involved cases and guiding the activity of other T1/T2 analysts through collaboration.
- Act as the lead coordinator for the Incident Response function and as designated lead on customer on-boarding projects to ensure a successful transition to SOC for security monitoring services.

What you bring to this role:

- Highly technical with at least 3 to 5 years of relevant experience as an analyst in Cyber, IT Security or a SOC
- Any industry relevant(s) certifications such as CISSP, CISM, SANS, CISA, CompTIA Security+ or CompTIA CySA+, GIAC is required.
- Hands-on experience with Microsoft Sentinel or other SIEM and SOAR technologies, creating and running queries, and performing analytics examination of logs and console events.
- Hands-on experience with Microsoft Defender Endpoint, CSPM/CWP or any similar vendor technologies, ability to understand vulnerabilities with insights from industry-leading security research and provide recommendation to external clients
- Experience with Malware Analysis and reverse engineering through static or dynamic analysis.
- Experience and demonstrated success in business development activities, including research and analysis, processes development/improvement, proposal writing etc.
- Experience evaluating the design and operating effectiveness of various control frameworks and standards, including understanding process level risks, technology risks, assessing the adequacy of mitigating controls and providing opportunities for enhancement
- Experience in enterprise asset lifecycle management, with a strong understanding of relating security operations such as patch management, vulnerability management, security architecture, and endpoint management
- Experience and/or strong understanding of cloud transformation, cloud architecture, and cloud security operations.
- Experience leading and/or managing complex projects
- Effectively communicate and present strategies, solutions, insights, and reports to a mix of stakeholders at various levels
- Experience in a leadership role, providing engaged mentorship and knowledge sharing to the team and junior/intermediate level analysts

**Providing you with the support you need to be at your best**

For more information about KPMG in Canada’s Benefits and well-being, click here.

Our Values, The KPMG Way:
**Integrity**, we do what is right | **Excellence**, we never stop learning and improving | **Courage**, we think and act boldly | **Together**, we respect each other and draw strength from our differences | **For Better**, we do what matters

**Adjustments and accommodations throughout the recruitment process**

For information about accessible employment at KPMG, please visit our accessibility page.