Senior Specialist, SOC Analyst Level II

The KPMG Advisory practice is at the forefront of transformation, offering excellent opportunities for individuals to advance their careers and expertise with KPMG. Looking ahead, we anticipate continued evolution and success within the practice, fostering both personal and professional development, thereby creating new pathways for growth. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility, and leading market tools, we help our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory.

• Lead advanced security event investigation and incident triage, including IOC validation, deep dive intrusion analysis, event correlation, forensic review, and determining when events meet incident thresholds to engage Incident Response
• Oversee and mentor Level 1 Analysts, ensuring quality, consistency, and timely execution of SOC processes, shift metrics, and event handling across SIEM portals.
• Collaborate closely with MDR Analysts on incident workflows, supporting detection, response, remediation activities, and cross team communication to drive proper incident resolution
• Optimize SOC technology by creating and tuning SIEM filters, dashboards, monitors, and collaborating with SIEM Engineers to refine alert logic and improve correlation performance
• Conduct proactive threat hunting, threat research, and leverage internal/external intelligence sources to enhance event enrichment, detection capability, and overall SOC maturity
• Troubleshoot and support IDS/IPS, firewalls, and security monitoring tools to resolve issues impacting detection quality, performance, or incident visibility
• Act with integrity, professionalism, and personal responsibility to uphold KPMG's respectful and courteous work environment

• Minimum three years of recent technical experience in Information Security, System Administration, or Network Engineering, including experience in Information Security and MDR/SOC/Incident Response experience.
• Bachelor's degree from an accredited college/university in Computer Science, Engineering, Information Technology, Cybersecurity, or a related field is required
• Strong knowledge of network security fundamentals, intrusion detection, incident detection/response, malware analysis, cyber forensics, SIEM concepts, and security best practices
• Proven hands on experience with scripting (PowerShell, Bash, Perl, Tcl, Lua), programming (C/C++, C#, Python, JavaScript, .NET), packet analysis tools, and common security platforms (Google SecOps, MS Sentinel, CrowdStrike, Splunk, Qradar, LogRhythm, SolarWinds)
• Demonstrated communication, analytical, client facing and problem solving skills, with the ability to operate effectively in fast paced environments, off hours (nights/weekends/holidays), and shifting priorities
• Experience with IDS/IPS, firewalls (Snort, Cisco, Fortigate, Sourcefire), Windows and Unix based systems, LAN/WAN technologies, TCP/IP, OSI model, penetration testing tools (Metasploit, Nmap, Kali), and incident response workflows
• Ability to travel as required
• Applicants must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. KPMG LLP will not sponsor applicants for U.S. work visa status for this opportunity (no sponsorship is available for H 1B, L 1, TN, O 1, E 3, H 1B1, F 1, J 1, OPT, CPT or any other employment-based visa)