Skip to main content
Posted 11 July, 2026

Senior Threat Detection Analyst-Assistant Manager-MFT-KGS CH

KPMG
Bangalore,Karnataka,IN,560103 Full Time
Reference: 218_549848_30046780

Key Responsibilities

  • Act as an escalation point for other security analysts in the SOC
  • Co-ordinate SOC team response and work with Threat Detection manager to improve triage processes
  • Deputise for the Threat Detection Manager with full delegated responsibilities, when required
  • Proactively monitor the network security sensors ensuring timely detection, investigation and remediation of potential threats in line with the incident management lifecycle
  • Use the advanced security analytics toolsets to monitor for emerging threat patterns and vulnerabilities, attempted or successful breaches
  • Work closely with other KPMG teams to ensure that all technologies are actively monitored, including troubleshooting where necessary
  • Interact with the Global Security Operations Centre (GSOC) and SOC, including incident response and intelligence sharing, escalating to management where required
  • Triage and manage incidents, events and queries from the business to the relevant resolver group
  • Contribute to the Continual Service Improvement of the teams' operations through proactive analysis, engagement and collaboration
  • Detect, respond and coordinate response for security events while capturing essential details and artefacts
  • Operationalise actionable intelligence reports from Threat Intelligence team and external sources
  • Maintain event response documentation, participate in post-mortems, and write event reports
  • Contribute to projects that enhance the security posture of KPMG
  • Identify trends, potential new technologies, and emerging threats, which may impact KPMG
  • Review and prioritise alerts based on Standard Operating Procedures
  • Review and triage suspected security events reported by staff members or Security Monitoring platforms
  • Accurately document work in the incident case management system as per defined standards
  • Leverage multiple data sources to analyse detection alerts and staff reported cyber-attacks to identify which events require response activities based on Standard Operating Procedures
  • Declare an incident and escalate it to the Incident Response team, ensuring findings have been accurately captured in the incident case management system as per defined standards
  • Ensure that cases are accurately categorised to ensure the appropriate feedback is provided to the Detection and Response Engineering team and to facilitate reporting
  • Identify and record gaps in visibility and security posture through the course of investigations as per defined Standard Operating Procedures
  • Identify potential new detection logic and escalate to the Detection and Response Engineering team
  • Hunt for threat indicators from log data and other available endpoint/network artefacts

Key Attributes

  • Prior experience in Cyber Security

  • Experience of working in a Security Operations Centre or Security Monitoring Team.

  • Experience with managed security services and security consulting would be a plus

Essential Skills and Experience

  • Hands on SIEM and EDR tooling knowledge and experience including technologies such as Microsoft Sentinel, Microsoft Defender Suite etc.

  • Experience in end-to-end information security incident management and mitigating and addressing threat vectors including Advanced Persistent Threat (APTs), Distributed Denial of Service (DDoS), Phishing, Malicious Payloads, Malware, etc

  • Experience with Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Web Application, Firewalls, Firewall logs, systems logs, web logs, application logs and Security Information and Event Management (SIEM) systems

  • Experience with technologies, tools, and process controls to minimise risk and data exposure.

  • Experience in search query languages such as KQL, OSquery or SPL

  • Solid experience of working in Cloud environments such as AWS, Azure, & GCP

  • Experience with building threat-based Use Cases using frameworks such as MITRE ATT&CK

  • Solid understanding of ISO 27001, Cyber Essentials/Essentials Plus, GDPR and other information security-related regulatory and compliance standards

  • Understanding of security threats, attack scenarios, intrusion detection and incident management

  • Ability to function effectively in a matrix structure

  • Ability to deal with ambiguity and to keep a cool head when dealing with crisis or stressful situations

  • Strong analytical skills

  • Apply analytical rigor and demonstrate business acumen to understand complex business scenarios

  • Fluent in English

  • For UK hires, there may be a requirement to undergo SC clearance

Desirable Skills and Experience

  • Bachelor's degree in Computer Science or related field

Sign up for Job Alerts