KPMG

Information Security Engineer

  • London, UNITED KINGDOM

Job description



Working hours are 09:30-17:30 Mon-Fri (on-call)

The Team
KPMG’s Global Security Operations Centre helps defend KPMG and its clients from cyber-attack, through timely detection, investigation and remediation of potential threats.

The Role
The purpose of the Information Security Engineer role is to ensure sound delivery of technical projects, systems and services for the GSOC. The Information Security Engineer will be responsible for customisation, maintenance and support of various security monitoring platforms and integration with Business Intelligence and Enterprise Reporting systems, and will provide a mixture of project delivery, system integration, maintenance and support around the Wintel environment, SQL, PowerBI, Tableau, Azure, O365 and more. The Information Security Engineer will be part of a team working in a fast-paced environment, driving performance and reliability and supporting the GSOC tools (SIEM, BI, IPAM and more) and infrastructure hosted on Physical and Cloud platforms delivering SOC services.
The successful candidate for this role will have strong analytical and troubleshooting skills, experience in integrating multi-technology platforms and brands of product, solid communication skills and a desire to tackle the complex problems of scale which are unique.

• Responsible for installation, management, maintenance and support of GSOC tools hosted on Windows/Linux platforms in the data centre, Azure and O365.
• Co-ordinate with various vendors, other KPMG teams and business stakeholders on work related to design and setup activities at different stages of a technical project.
• Compile and maintain the necessary documentation of all system designs, builds and modifications.
• Responsible for coordination and delivery of user training and training material.
• Monitor systems, identify/resolve issues, prepare status reviews and reports.
• Manage support cases to ensure issues are recorded, tracked, resolved, and follow-ups are done in a timely manner.
• Adhere to strict Service Level Agreements for fault resolutions and service requests completions
• Maintain a good working knowledge of current infrastructure and future trends
• Deliver excellent customer service
• Ensure leadership are aware of all issues
• Provide on-call support 24x7 on an as needed basis
• Identify, liaise and manage any escalated faults with 3rd party suppliers for major incidents, network improvements or correction of recurring problems
• Ensure work is completed in such a way that complies with established compliance and other internal control requirements
• Exercise judgment within defined procedures and practices to determine appropriate action

The Person
• Technical background managing and supporting endpoints and network infrastructure
• Experience with industry-recognized SIEM solutions such as RSA, QRadar, ArcSight, Splunk, LogRhythm, AlienVault, etc. preferable
• Knowledge of Windows Server (2012, R2 and above), SQL, Microsoft Active Directory
• Knowledge of PowerShell, Python and other scripting languages
• Knowledge of MS Azure & O365 Solutions preferable
• Knowledge of Linux OS
• Experience with configuring and using automated monitoring tools
• Experience integrating on premise and cloud solutions (Hybrid Azure Infrastructure) preferable
• Excellent written and oral communications
• Experience working with vendors and various solution providers
• Demonstrated ability to document processes and procedures.
