SOC Analyst – L2

KPMG

Overview
At KPMG, you’ll join a team of diverse and dedicated problem solvers, connected by a common cause: turning insight into opportunity for clients and communities around the world.

Are you a talented individual with a proven track record on executing project deliverables.

Our Cyber Managed Services team in Toronto is looking for a professional like you with the skills and drive to make a real difference.

What you will do

  • Receive escalation from L1 SOC analyst to determine increased risk to the business
  • Review log data against security technology rules and filters to propose further improvements to threat detection
  • C oordinate with SIEM Engineers to tune events, improve event correlation, performance, and alerts
  • Develop, create and maintain incident response playbooks. This includes identifying areas of potential improvement by reviewing redundant tasks, security incidents and providing task automation suggestions
  • Perform log analysis from multiple data sources to analyze technical data, extracting Tactics, Techniques, Procedures (TTP) and malware attributes
  • Provide support in the analysis of critical events and security tickets to evaluate the effectiveness and efficiency of the incident management process and develop any necessary improvement plans.
  • Maintain up-to-date understanding of security threats, countermeasures, security tools and Cloud Security and SaaS technologies.
  • Experience tracking incidents against a framework such as SANS and MITRE ATT&CK.
  • Provide technical and thought leadership within SOC by teaching other SOC Analysts about both traditional and unconventional ways to detect, analyze, and mitigate security incidents.
  • Act as Subject Matter Expert (SME) trainer for analyst functions, providing support on more involved cases and guiding the activity of other T1/T2 analysts through collaboration.
  • Act as the lead coordinator for the Incident Response function and as designated lead on customer on-boarding projects to ensure a successful transition to SOC for security monitoring services.

What you bring to the role

  • Highly technical with at least 3 to 5 years of relevant experience as an analyst in Cyber, IT Security or a SOC
  • Any industry relevant(s) certifications such as CISSP, CISM, SANS, CISA, CompTIA Security or CompTIA CySA, GIAC is required.
  • Hands-on experience with Microsoft Sentinel or other SIEM and SOAR technologies, creating and running queries, and performing analytics examination of logs and console events.
  • Hands-on experience with Microsoft Defender Endpoint, CSPM/CWP or any similar vendor technologies, ability to understand vulnerabilities with insights from industry-leading security research and provide recommendation to external clients
  • Experience with Malware Analysis and reverse engineering through static or dynamic analysis.
  • Experience and demonstrated success in business development activities, including research and analysis, processes development/improvement, proposal writing etc.
  • Experience evaluating the design and operating effectiveness of various control frameworks and standards, including understanding process level risks, technology risks, assessing the adequacy of mitigating controls and providing opportunities for enhancement
  • Experience in enterprise asset lifecycle management, with a strong understanding of relating security operations such as patch management, vulnerability management, security architecture, and endpoint management
  • Experience and/or strong understanding of cloud transformation, cloud architecture, and cloud security operations.
  • Experience leading and/or managing complex projects
  • Effectively communicate and present strategies, solutions, insights, and reports to a mix of stakeholders at various levels
  • Experience in a leadership role, providing engaged mentorship and knowledge sharing to the team and junior/intermediate level analysts

Providing you with the support you need to be at your best
For more information about KPMG in Canada’s Benefits and well-being, click here.

Our Values, The KPMG Way
Integrity, we do what is right | Excellence, we never stop learning and improving | Courage, we think and act boldly | Together, we respect each other and draw strength from our differences | For Better, we do what matters

KPMG in Canada is a proud equal opportunities employer and we are committed to creating a respectful, inclusive and barrier-free workplace that allows all of our people to reach their full potential. A diverse workforce is key to our success and we believe in bringing your whole self to work. We welcome all qualified candidates to apply and hope you will choose KPMG in Canada as your employer of choice. For more information about Inclusion, Diversity & Equity in Recruitment, please click here .

Adjustments and accommodations throughout the recruitment process
At KPMG, we strive for an inclusive recruitment process that allows all candidates to Come As You Are and Thrive with Us. We aim to provide a positive experience and are ready to offer adjustments or accommodations to help you perform at your best. Adjustments (an informal request), i.e. extra preparation time or the option for micro breaks during interviews, and accommodations (a formal request), i.e. accessible communication supports or technology aids are tailored to individual needs and role requirements.

To begin a confidential conversation about adjustments or accommodations at any point throughout the recruitment process, we encourage you to contact KPMG’s Employee Relations Service team for support by emailing cdnersteam@kpmg.ca or by calling 1-888-466-4778, Option 3.

For information about accessible employment at KPMG, please visit our accessibility page .