Skip to main content
Posted 05 July, 2026

Executive - Cyber Transformation

KPMG
Gurugram,Haryana,IN,122002 Full Time
Reference: 218_609639_INTG10045546

About KPMG in India

KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada.

KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.

SOC Analysts (Analyst and ACon)

Security Monitoring & Alert Handling:
Monitor and triage alerts in SIEM platforms such as Google Chronicle and MS Sentinel.
Investigate security events across log sources, escalate incidents as needed, and document
findings. Participate in alert tuning by identifying false positives and assisting in refining
detection logic.
Email Security (Antispam, Antiphishing, Antimalware, Impersonation Cases):
Support investigations involving email-based threats such as spam, phishing, malware, and
impersonation (user/domain). Analyze email headers, payloads, and URLs using tools like
Endpoint Threat Response:
Use SentinelOne for endpoint alert analysis and response. Help contain and remediate
malware incidents by analysing behavioural traces and telemetry.
Vulnerability Management Support:
Operate Tenable solutions (e.g., Nessus, Tenable.io) to conduct vulnerability scans. Assist
in interpreting scan results and collaborating with stakeholders on remediation.
Threat Intelligence & Enrichment:
Use Recorded Future to enrich alert context and identify related IOCs or threat actor activity.
Support investigation correlation with external threat feeds.
Threat Hunting Support:
Participate in basic threat hunting exercises following defined hypotheses. Assist in building
and testing detection use cases.
Log Analysis & Investigations:
Review logs from endpoints, firewalls, and cloud systems to investigate suspicious
behaviors. Document investigation steps and outcomes within internal ticketing and case
tracking tools.
Incident Runbooks & Documentation:
Follow and contribute to incident response playbooks and knowledge base articles. Ensure
clear documentation of actions taken during investigations.
Experience: 1 to 4 years

Equal employment opportunity information


KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.
B.Tech or equivalent
  • BE/B.Tech/Post-Grad/ Graduate or Postgraduate in any other discipline
  • 2-4 years of relevant experience.
  • Good to have - Certifications - CSA (Certified SoC Analyst), CISM and CCSP, Certifications from Microsoft Azure Suite
  • Candidates having SOC experience would be preferred
  • Well versed in Microsoft productivity tools such as Word, PowerPoint and Excel
  • An understanding of concepts of analytics and should be able to generate trends, drill downs, and various graphical representations
  • Windows / Azure / AWS infrastructure knowledge will have added advantage
  • Experience in Windows security tools like Defender for office, Defender for identity, Sentinel and other Microsoft security tools will have added advantage
  • Excellent written and oral communication skills

Equal employment opportunity information

KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.

  • Actively monitoring, analysing & escalating SIEM alerts based on correlation rules,

  • Email protection alerts & malware analysis,

  • Provide inputs for proactive content fine tuning & use case enablement,

  • Active threat hunting on network flow, user behaviour & threat intelligence,

  • Phishing email analysis for MFs,

  • Raising incidents in Pastebin inte

  • Should be familiar with Domain Knowledge (Cyber Security), Threat Hunting, SIEM- Azure Sentinel, SIEM - (RSA / Splunk / LogRhythm), Python Scripting, Windows Active Directory, Operating systems and servers.

  • Ability to Triage and assignment Incident Handling.

  • Ability to Follow Playbooks instructions- Incident Response Playbooks

  • Ability to Comprehend Logs (HTTP, SMTP, Network) (Under guidance)

  • Understand and imbibe current SOC process

  • Perform quality assessment on SOC operations being performed as per existing process

  • Record and deviations identified into tracking tool(s)/spreadsheets

  • Perform follow-ups with respective error owners to mitigate process deviations

  • Identify process deviations, Summarize and generate trends, patterns into process deviations / errors observed.

  • Perform RCA into observed errors / trends and generate recommendations for process improvement

  • Generate personnel specific recommendations for performance enhancement

  • Contribute in overseeing quality assessment process for multiple SOC verticals

  • In-line alignment with SOC operations for quick-detection / prevention of process deviations

  • Support as QA touchpoint in critical cyber incidents to enhance quality of service

  • Assessment of investigation report with assertions, evidences and recommended actions

Sign up for Job Alerts