Service Line Overview
Information Technology Services (ITS) is a single, integrated service organization with global, national and practice-based components that work together to meet service expectations and deliver priority projects to KPMG China.

About The Role
As a part of the Security Operations Centre, you will work with a team of SOC analysts to deliver professional cyber security services, which spans the full range of security monitoring, incident investigation, response and reporting, threat intelligent and vulnerability management, and other security analytics functions.

Key Responsibilities
· Ensuring timely incident identification, assessment, containment, and recovery.
· Act as incident response lead for cyber security incidents when required and coordinate resources and teams across the firm to adequately respond to security threats.
· Develop and enhance incident response processes or playbooks.
· Provide cyber security guidance on operational topics such as security incident response, vulnerability management, data breach prevention, security alert monitoring, etc.
· Prompt response to latest cyber security news or vulnerability updates.
· Perform threat management, threat modelling, identify threat actors and develop security monitoring use cases.
· Measure SOC performance metrics – ensuring compliance to policies and SLA, process adherence and process optimization.
· Ensure compliance with internal standards, international standard like ISO27001 and regulatory requirements in China.
· Candidate with less experience will be considered as Assistant Manager


Experience & Background
· Bachelor’s degree, with a major in IT or other relevant disciplines.
6+ year experience in IT Security / SOC / incident detection and response field.
· Holder of CISSP, CISM and/or CISA preferred.
· Proven experience in incident detection & response in multi-cloud and hybrid-cloud environments.
· Experience in data analytics, process automation, and application development will be an advantage.
· Proven experience in SIEM, SOAR and TIP tools, develop and enhance IR playbook, security solutions evaluation and recommendations.
· Technical knowledge of MITRE ATT&CK, Cyber Kill Chain, NIST.
· Experience with endpoint security products, firewall technologies, threat intelligence, penetration tests, information security principles and practices will be an advantage.
· Experience with China brand security vendors will be an advantage.
· Strong desire to develop and follow standards and procedures.
Strong communication skills in both Chinese and English.