Gsoc
Noida, Uttar Pradesh, India
About KPMG in India
KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada.
KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.
Roles & Responsibilities:
- Responsible for the critical security incident/breach management life cycle across the enterprise, which includes validating the legitimacy of the incident, identifying the possible source / incident origin / patient zero, performing event correlation across various devices, gathering evidence, and preparing the final report
- Responsible for analysis of logs from various network devices, security tools, SIEM etc. to conclude the investigation process
- Perform memory forensics for investigating fileless malware, sophisticated ransomware etc.
- Carry out incident forensic investigations as and when needed and ensure chain of custody
- Perform bit-stream imaging/acquisition of digital media during the course of an investigation
- Handle information breach violations identified through Data Loss Prevention tool
- Work closely with SOC Analysts, Threat Intelligence and Threat Hunting team to enable a world-class cyber defense team for KPMG
- Perform proactive analysis & reporting of cyber threats, data breaches and security anomalies
- Aid in and participate in daily, weekly, quarterly, and yearly production reporting for clients, partners, and internal teams.
- Actively assess network and endpoint events to detect anomalous activity and develop mitigation strategies to prevent cyber threats
- Proactively detect, isolate, and neutralize advanced threats that evade existing security solutions by utilizing existing resources and security solutions/tools
- Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
- Conduct threat hunting scenarios based on behaviour analysis, cyber threat intelligence, and a hypothesis-driven approach
- Perform regular hunts after analyzing TTPs adopted by prominent threat actor groups
- Remain updated about the latest threats and attack vectors, and use that knowledge to proactively develop detection rules and hunt scenarios under stringent timelines
- Should be able to maintain/develop a sandbox-based solution to perform basic malware analysis
- Prior experience in handling critical information security incidents/breaches
- Able to decipher attack motivations and techniques by correlating threat data from various sources to build a comprehensive picture of potential cyber-attacks
- Proficient with the MITRE ATT&CK framework and the TTPs of various adversary groups
- Should have experience with at least one EDR tool: MDE, Carbon Black, CrowdStrike, FireEye HX
- Should be able to use EnCase, Autopsy, AccessData FTK, and other forensic tools for acquiring and analyzing data from various storage devices
- Exposure to at least one SIEM tool: ArcSight, Splunk, Sentinel, QRadar
- Should be able to perform basic malware analysis
Equal employment opportunity information
KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.
Tags: ArcSight Autopsy Carbon Black CrowdStrike Cyber defense EDR EnCase Forensics Malware MITRE ATT&CK QRadar Sentinel SIEM SOC Splunk Threat intelligence TTPs Vulnerabilities
Perks/benefits: Team events