Skip to main content
Posted 27 May, 2026

Senior - Cyber Transformation

KPMG
Gurugram,Haryana,IN,122002 Full Time
Reference: 218_609639_INTG10044969

About KPMG in India

KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada.

KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.

Content (use case) Developer for MS Sentinel & Google SecOps & Google SecOps- Consultant/AM
At least 4-8 years of experience in cybersecurity or related field. Experience in Microsoft Sentinel & Google SecOps platform and related technologies. Experience in developing use cases that showcase the capabilities of the Microsoft Sentinel & Google SecOps platform for detecting and responding to security threats. Ability to create high-quality, effective, and efficient use cases that can be used by security analysts to improve their incident response processes. You will work closely with security analysts and incident response teams to understand their needs and requirements and translate them into effective use cases. You will be responsible for testing and validating use cases to ensure that they are effective and efficient in detecting and responding to security threats. You will work with security analysts and incident response teams to ensure that use cases meet their needs and requirements. Ability to create technical documentation for use cases, including descriptions of the use case, step-by-step instructions for using the use case, and technical requirements for the use case. You will be responsible for providing technical support to security analysts and incident response teams who use the use cases you develop. This may include troubleshooting issues, providing guidance on how to use the use cases effectively, and answering technical questions. Stay up to date with the latest security trends, threats, and techniques to ensure that the use cases you develop are effective and relevant. Should have good knowledge on log sources Hands-on experience on KQL Ability to work independently and as part of a team. Excellent written and verbal communication skills. Familiarity with cybersecurity frameworks such as NIST, MITRE ATT&CK Security Certifications like CISSP, CISM, GIAC, Security+ etc. is a plus Ability to learn and retain new skills in a changing technical environment

Equal employment opportunity information


KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.
B.Tech or equivalent
  • Bachelor's degree in Cybersecurity / IT / Computer Science (or equivalent experience)
  • 4+ years of experience in Security Operations Center

  • Experience with cloud security (AWS/Azure )

Equal employment opportunity information


KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

  • Monitor security alerts and events using SIEM tools (Splunk, QRadar, Sentinel, ArcSight, etc.).
  • Perform in-depth analysis of security incidents and correlate multiple data sources.
  • Identify false positives vs true threats with accurate judgment.
  • Investigate and respond to security incidents (malware, phishing, insider threat, lateral movement, etc.).
  • Perform initial triage and root cause analysis.
  • Coordinate containment, eradication, and recovery efforts.
  • Conduct proactive threat hunting using logs and threat intelligence.
  • Develop and tune SIEM use cases and correlation rules.
  • Analyze indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs).
  • Prepare detailed incident reports and RCA (Root Cause Analysis).
  • Maintain documentation for use cases, playbooks, and SOPs.
  • Provide regular security metrics and reports to management.
  • Work with IT teams, network teams, and incident response teams.
  • Escalate critical incidents to L3 or management when required.
  • Mentor and guide L1 analysts.
  • Use tools like:
    • SIEM: Splunk, QRadar, Microsoft Sentinel
    • EDR/XDR: CrowdStrike, Defender, Carbon Black
    • SOAR platforms
    • Threat intelligence platforms
    • Network monitoring tools (Wireshark, Zeek)
Apply to this Job

Sign up for Job Alerts

By clicking Create Alert, you agree to the Global Terms of Use Agreement and acknowledge that you have read and understand the Global Privacy Policy.