Kpmg India Services Llp

Lead SOC Analyst-Assistant Manager-MFT-KGS CH

Kpmg India Services Llp
Gurgaon/Gurugram
Not disclosed
Work from OfficeWork from Office
Full TimeFull Time
Min. 5 yearsMin. 5 years

Job Description

Lead SOC Analyst-Assistant Manager-MFT-KGS CH

The Lead SOC Analyst is a senior member of the Incident Response & Investigations team within the Operational Security function of KPMG Group Digital. 

This role provides advanced technical expertise in detection, investigation, and response to cybersecurity incidents. Operating at Grade D, the Lead SOC Analyst acts as a senior escalation point within the SOC, handling complex and high‑severity incidents, supporting junior analysts during investigations, and contributing to the effective day‑to‑day operation of SOC processes and tooling. 

The role is hands‑on and technically focused, with responsibility for the quality and accuracy of investigations performed, rather than formal people or operational management.

Incident Response & Investigation:

• Perform triage, investigation, containment, and remediation activities for complex and high‑severity cybersecurity incidents. 

• Act as a senior technical escalation point during incident handling, providing guidance and direction to analysts as required. 

• Participate in incident bridges, contributing clear technical updates and investigative findings. 

• Conduct forensic data collection and analysis across endpoints, network, cloud, and identity sources. 

• Produce accurate and well‑structured incident timelines, investigation notes, and post‑incident summaries. 

• Support post‑incident reviews by contributing technical insights and lessons learned. 

Detection & Threat Monitoring: 

• Review and investigate alerts generated from SIEM, EDR, cloud security, and identity platforms. 

• Support the tuning and refinement of detection rules to improve alert quality and reduce false positives. 

• Conduct threat‑hunting activities under defined hypotheses, using available telemetry and analytical techniques. 

• Identify gaps in visibility or logging and raise these with senior analysts or engineering teams. 

SOC Tooling & Automation Support:

 • Use SOC tooling effectively to support investigations and response activities. 

• Contribute ideas and feedback to improve SOC workflows, automation, and playbooks. 

• Assist with the validation and testing of changes to SOC tools and automated response processes. 

• Highlight tooling issues or limitations that impact investigation effectiveness. Governance, Process & Assurance Support 

• Support internal and external audit activities by providing investigation evidence and technical input when requested. 

• Follow established SOC procedures and ensure investigations are documented accurately and consistently. 

• Contribute to the maintenance of SOC documentation, playbooks, and operational procedures. 

• Participate in lessons‑learned activities and contribute suggestions for process improvement. 

Team & Stakeholder Interaction: 

• Provide informal guidance and support to junior analysts during investigations, helping to improve analysis quality. 

• Share technical knowledge and investigative techniques with peers through day‑to‑day collaboration. 

• Communicate technical findings clearly to SOC leads and relevant stakeholders during incidents. 

• Work collaboratively with Legal, Risk, Privacy, Crisis Management, and Global SOC teams when required. 

Operational Support:

• Support daily SOC monitoring activities during periods of increased workload or incident activity. 

• Assist with escalation handling for complex alerts or investigations. 

• Maintain a high standard of investigative quality and professional conduct during operational activity.

Required Skills & Experience: 

• Experience working in a SOC, incident response, or cybersecurity investigation role. 

• Strong understanding of common attack techniques, threat actor behaviours, and investigative methodologies. 

• Ability to analyse security alerts and logs across SIEM, EDR, cloud, identity, and network security tools. 

• Experience with scripting or automation (e.g. Python, PowerShell) is advantageous. 

• Familiarity with frameworks such as MITRE ATT&CK, NIST CSF, or equivalent. 

• Strong written and verbal communication skills, with the ability to explain technical findings clearly. 

• Ability to work effectively under pressure during incident scenarios.

Preferred Qualifications:

• Relevant industry certifications such as CompTIA CySA+ or Microsoft Certified: Security Operations Analyst Associate (SC-200). 

• Hands‑on experience with EDR, SOAR, or forensic tooling. 

• Experience participating in threat‑hunting activities or security exercises. 

• Exposure to tabletop or incident‑response simulations. 

• Certifications or demonstrated expertise in Microsoft security technologies related to Sentinel, Purview, or Microsoft Defender suites (e.g., Microsoft 4 of 4 Certified: Information Protection Administrator Associate (SC-400), Microsoft Certified: Azure Security Engineer Associate (AZ-500))

 

Experience Level

Senior Level

Job role

Work location
Work locationGurgaon, Haryana, India
Department
DepartmentIT & Information Security
Role / Category
Role / CategoryIT Security
Employment type
Employment typeFull Time
Shift
ShiftDay Shift

Job requirements

Experience
ExperienceMin. 5 years

About company

Name
NameKpmg India Services Llp
Job posted by Kpmg India Services Llp

Similar jobs you can apply for

IT Security
Ernst & Young LLP ( EY India )

Network Security Engineer

Ernst & Young LLP ( EY India )
Gurgaon/Gurugram
Work from Office
Full Time
Min. 5 years
BT Group

Network Engineer

BT Group
Gurgaon/Gurugram
Work from Office
Full Time
Min. 2 years
Cushman and Wakefield

Senior Engineer

Cushman and Wakefield
Gurgaon/Gurugram
Work from Office
Full Time
Min. 5 years

Network Security Engineer

Aristocrat Technologies
Gurgaon/Gurugram
Work from Office
Full Time
Min. 10 years
Fidelity International

Test Analyst

Fidelity International
Gurgaon/Gurugram
Work from Office
Full Time
Min. 5 years

Network Security Engineer

Aristocrat Technologies
Gurgaon/Gurugram
Work from Office
Full Time
Min. 10 years

You can expect a minimum salary of 0 INR. The salary offered will depend on your skills, experience and performance in the interview.

The candidate should have completed the required education and people who have 5 to 31 years are eligible to apply for this job. You can apply for more jobs in Gurgaon/Gurugram to get hired quickly.

The candidate should have sound communication skills and sound communication skills for this job.

Both Male and Female candidates can apply for this job.

No, it's not a work from home job and can't be done online. You can explore and apply for other work from home jobs in Gurgaon/Gurugram at apna.

No work-related deposit needs to be made during your employment with the company.

Go to the apna app and apply for this job. Click on the apply button and call HR directly to schedule your interview.

The last date to apply for this job is . For more details, download apna app and find Full Time jobs in Gurgaon/Gurugram . Through apna, you can find jobs in 64 cities across India. Join NOW!

Lead Security Operations Center (SOC) Analyst in Kpmg India Services Llp | apna.co