KPMG Associate Director, Security Monitoring and Incident Response in New York, New York

Business Title: Associate Director, Security Monitoring and Incident Response

Requisition Number: 67385

Function: Business Support Services

Area of Interest: Information Technology

State: NY

City: New York


The fastest growing Big Four professional services firm in the U.S., KPMG is known for being a great place to work and build a career. We provide audit, tax and advisory services for organizations in today's most important industries. Our growth is driven by delivering real results for our clients. It's also enabled by our culture, which encourages individual development, embraces an inclusive environment, rewards innovative excellence and supports our communities. With qualities like those, it's no wonder we're consistently ranked among the best companies to work for by Fortune Magazine, Consulting Magazine, Working Mother Magazine, Diversity Inc. and others. If you're as passionate about your future as we are, join our team.

KPMG is currently seeking an Associate Director, Security Monitoring and Incident Response to join our KPMG Technology Organization.


  • Lead the Cyber Security Incidence Response Team (CSIRT) through all phases of incident response (IR) life cycle: analysis, containment, eradication, remediation and recovery

  • Lead IR activities such as threat analysis, threat hunting; monitor for external threats, assessing risk to the KPMG environment and driving risk mitigation and response activities

  • Lead the definition, documentation, testing and management of incident response processes

  • Lead the integration of processes and technologies, with the objective of the continued development of a 'single pane of glass' for monitoring and comprehensive security response process

  • Stay abreast of the latest information security controls, practices, techniques and capabilities in the marketplace

  • Lead internal skills development activities for information security personnel on the topic of security monitoring and incident response, by providing mentoring and by conducting knowledge sharing sessions


  • Minimum eight years of Security monitoring experience and incident response activities; preferably within a professional services firm or similar environment

  • Bachelor's degree from an accredited college or university or relevant work experience; CISSP Preferred

  • Experience leading security monitoring and response teams, including the development of security monitoring requirements, risk assessment, and incident response activities; experience providing security oversight related to the security features of IT tools supported by the IT operations teams

  • Strong verbal/written communication skills, with ability to effectively interact with individuals at all levels of responsibility and authority; must be able to prioritize, delegate and foster the development of high performance teams to lead/support an environment driven by customer service and team work

  • Must have a strong understanding of network and system intrusion and detection method including Splunk, Next Generation Endpoint Protection Platforms (EPP), Security information and event management (SIEM)

  • Experience with malware analysis, endpoint lateral movement detection methodologies and host forensic tools; US Citizenship is required

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an equal opportunity employer. All qualified applicants are considered for employment without regard to race, color, creed, religion, age, sex/gender, national origin, ancestry, citizenship status, marital status, sexual orientation, gender identity or expression, disability, physical or mental handicap unrelated to ability, pregnancy, veteran status, unfavorable discharge from military service, genetic information, or other legally protected status. KPMG maintains a drug-free workplace. KPMG will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable local, state or federal law (including San Francisco Ordinance number 131192). No phone calls or agencies please.

GL: 4

GF: 15310