Technology Consulting-DT GSOC Analyst
Gurgaon, Haryana, India
About KPMG in India
KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada.
KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.
- Actively assess network and endpoint events to detect anomalous activity and develop mitigation strategies to prevent cyber threats
- Proactively detect, isolate, and neutralize advanced threats that evade existing security solutions by utilizing existing resources and security solutions/tools
- Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
- Conduct threat hunting scenarios based on behavior analysis, cyber threat intelligence, and a hypothesis-driven approach
- Perform regular hunts after analyzing the TTPs adopted by prominent threat actor groups
- Remain up to date on the latest threats and attack vectors, and use that knowledge to proactively develop detection rules and hunt scenarios under stringent timelines
- Should be able to maintain/develop a sandbox-based solution to perform basic malware analysis
- Aid in and participate in daily, weekly, quarterly, and yearly production reporting for clients, partners, and internal teams.
Required Skillset:
- Strong understanding of cyber kill chain, MITRE ATT&CK framework
- Deep understanding of network protocols, operating systems, AD Security, DNS Security, and adversary tactics
- Must possess deep knowledge and understanding of the Microsoft Windows Event IDs required for designing various hunting queries, especially process-related events
- Basic understanding of Query Logic used in various SIEMs (Splunk, Sentinel, QRadar) used for running hunt queries
- Should be able to analyze network packets and log data from various devices
- Should have working knowledge of Python to install, run and test various Python-based open source Git projects/tools
- Basic understanding of malware analysis
- Must be proficient in writing detailed threat reports
- Preferred experience in running/managing any BAS/Purple tool solution
- BE/B.Tech/Post-Grad, or Graduate/Postgraduate in any other discipline
- 0-2 years of relevant experience.
- Candidates should be okay to work in rotational shifts.
- Good to have: certifications such as CSA (Certified SOC Analyst), CISM, CCSP, or Microsoft Azure certifications
- Candidates having SOC experience would be preferred
- Well versed in Microsoft productivity tools such as Word, PowerPoint and Excel
- An understanding of analytics concepts and the ability to generate trends, drill-downs, and various graphical representations
- Windows / Azure / AWS infrastructure knowledge will be an added advantage
- Experience with Microsoft security tools such as Defender for Office, Defender for Identity and Sentinel will be an added advantage
- Excellent written and oral communication skills
Equal employment opportunity information
KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.