Skip to main content
Posted 11 June, 2026

Consultant - Cyber Transformation (Splunk)

KPMG
Mumbai,Maharashtra,IN,400063 Full Time
Reference: 218_609639_INTG10043250

About KPMG in India

KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada.

KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.

  • 5+ years of experience in SOC engineering or SIEM administration

  • Handson experience with Google Chronicle SecOps

  • Strong understanding of SIEM concepts, log management, and security analytics

  • Experience with UDM (Unified Data Model) and YARAL rule creation

  • Proficiency in log ingestion pipelines, data normalization, and enrichment

  • Good understanding of cybersecurity domains:

    • Incident response

    • Threat detection

    • Network & endpoint security

    • Cloud security (GCP preferred)

  • Strong analytical skills and experience with largescale data investigations

  • Ability to work with APIs for automation and integration

Equal employment opportunity information


KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

  • Administer, maintain, and optimize the Google Chronicle SIEM platform
  • Onboard and manage log sources from cloud, onprem, network, and application environments
  • Develop and finetune Detection Rules (YARAL / UDM rules)
  • Conduct threat hunting activities and analyze large datasets using Google Chronicle search capabilities
  • Build custom parsers, dashboards, and investigative workbooks
  • Monitor SIEM platform performance, ingest pipelines, and data quality
  • Collaborate with SOC teams on incident detection, triage, and escalation
  • Integrate Chronicle with other GCP security services (SecOps, SCC, Event Threat Detection)
  • Implement automated workflows and playbooks (SOAR integrations if applicable)
  • Troubleshoot ingestion failures, parsing gaps, and connector issues
  • Prepare documentation for SIEM architecture, rule logic, and operational processes
  • Ensure alignment with security policies, regulatory compliance, and audit expectations
Apply to this Job

Sign up for Job Alerts

By clicking Create Alert, you agree to the Global Terms of Use Agreement and acknowledge that you have read and understand the Global Privacy Policy.