Specialist Director, Delivery Director

Job Description

KPMG is currently seeking a Director to join our Advisory Services practice.

Responsibilities:

• Formulate and define the strategic direction for Managed Detection & Response as a managed service; grow pipeline of the solution, by working closely with internal and external channels; identify and create pull through opportunity for other managed services and consulting services. Keep abreast of industrial, technology and business trends
• Perform investigation and orchestration for complex/high severity security alerts, threats or incidents; provide the people, process and technology background to ensure timely detection, identification and alerting of possible attacks/intrusions, anomalous activities, intrusion attempts/compromises, malicious behavior, insider risk and misuse activities to distinguish these incidents from benign activities; isolate, triage and eradicate malicious behaviors
• Serve as the lead point of contact facilitating incident response orchestration with client; lead research, analysis and correlation efforts across a variety of all source data sets/collectors, log collectors and threat feeds to inform and guide the strategic direction of the offering; monitor competitive landscape in pricing, capabilities and offerings to analyze and report system security posture trends
• Direct technical product managers in developing new or modified solutions for Managed Detection and Response; as a leader of a team, ensure that the right things are being worked on at the right time, and ensure quality throughout; working with value architect to create pricing for opportunities
• Provide ongoing strategic context for your team and clients, educating, sharing and capturing qualitative and quantitative metrics that corroborate decision making
• Develop and maintain materials to communicate offering, value proposition and customize it to individual opportunity; analysis of alerts from Security Event and Information Management tools, ideally Azure Sentinel (not required); create and develop SOC processes and procedures, lead strategy development, methodology and execution of Use Case Catalog working with Level 1, Level 2 and Level 3 Analysts

Qualifications:

• Minimum ten years of recent experience leading Enterprise Security Operations Centers or Managed Detection and Response analyst or incident response teams in any of the following: lead security operations center analyst (L3), threat hunting, penetration testing, digital forensics, incident response, recognizing and categorizing organizational vulnerabilities and attacks, on-prem, hybrid and cloud security concepts and protocols, providing customer technical readiness, delivery support services, on premise and remote technical support, solution development, technical requirements gathering; thought leadership, broad evangelism through events (presentation skills) or related
• Bachelor's or Master's degree or an equivalent experience in lieu of degree
• Certifications: CEH, GIAC, OSCP, CREST, GCIH, CCIA, GPEN, Platform Certifications (Microsoft, Splunk, QRadar, etc.); experience with one or more of the following: Cyber-Security solutions, Security Operation Center, Threat Intelligence Management, Vulnerability Research, Digital Forensics, Incident Response, Endpoint Management, Network Security; experience with Microsoft Security Suite and Microsoft Azure
• Product Management experience with Software as a Service (SaaS) or Infrastructure as a Service (IaaS) offerings for enterprises; experience in the enterprise software market and with services / product companies; demonstrated understanding of the techniques and methods of modern product discovery and product delivery; knowledge of a global, 24/7, high availability and high trust operation aspects of managed services; familiarity with engineering work of a security operation center; three years Level 3 SOC Analyst experience
• Experience developing and analyzing reports generated of SIEM tools; advanced understanding of operating system, application, network, etc. and exploitation techniques.
• Reverse Malware Analysis; incident Response and handling methodologies, procedures and execution. Background performing packet-level analysis; experience with tools such as; Nslookup, Kali Linux, Traceroute, Nmap, Nikto, NetStumbler, Metasploit, Wireshark, Aircrack Intruder, etc.; experience with network-based User and Entity Behavior Analytics
• Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future
• Ability to travel as necessary