Lead SOC Analyst-Assistant Manager-MFT-KGS CH
Kpmg India Services LlpJob Description
Lead SOC Analyst-Assistant Manager-MFT-KGS CH
The Lead SOC Analyst is a senior member of the Incident Response & Investigations team within the Operational Security function of KPMG Group Digital.
This role provides advanced technical expertise in detection, investigation, and response to cybersecurity incidents. Operating at Grade D, the Lead SOC Analyst acts as a senior escalation point within the SOC, handling complex and high‑severity incidents, supporting junior analysts during investigations, and contributing to the effective day‑to‑day operation of SOC processes and tooling.
The role is hands‑on and technically focused, with responsibility for the quality and accuracy of investigations performed, rather than formal people or operational management.
Incident Response & Investigation:
• Perform triage, investigation, containment, and remediation activities for complex and high‑severity cybersecurity incidents.
• Act as a senior technical escalation point during incident handling, providing guidance and direction to analysts as required.
• Participate in incident bridges, contributing clear technical updates and investigative findings.
• Conduct forensic data collection and analysis across endpoints, network, cloud, and identity sources.
• Produce accurate and well‑structured incident timelines, investigation notes, and post‑incident summaries.
• Support post‑incident reviews by contributing technical insights and lessons learned.
Detection & Threat Monitoring:
• Review and investigate alerts generated from SIEM, EDR, cloud security, and identity platforms.
• Support the tuning and refinement of detection rules to improve alert quality and reduce false positives.
• Conduct threat‑hunting activities under defined hypotheses, using available telemetry and analytical techniques.
• Identify gaps in visibility or logging and raise these with senior analysts or engineering teams.
SOC Tooling & Automation Support:
• Use SOC tooling effectively to support investigations and response activities.
• Contribute ideas and feedback to improve SOC workflows, automation, and playbooks.
• Assist with the validation and testing of changes to SOC tools and automated response processes.
• Highlight tooling issues or limitations that impact investigation effectiveness. Governance, Process & Assurance Support
• Support internal and external audit activities by providing investigation evidence and technical input when requested.
• Follow established SOC procedures and ensure investigations are documented accurately and consistently.
• Contribute to the maintenance of SOC documentation, playbooks, and operational procedures.
• Participate in lessons‑learned activities and contribute suggestions for process improvement.
Team & Stakeholder Interaction:
• Provide informal guidance and support to junior analysts during investigations, helping to improve analysis quality.
• Share technical knowledge and investigative techniques with peers through day‑to‑day collaboration.
• Communicate technical findings clearly to SOC leads and relevant stakeholders during incidents.
• Work collaboratively with Legal, Risk, Privacy, Crisis Management, and Global SOC teams when required.
Operational Support:
• Support daily SOC monitoring activities during periods of increased workload or incident activity.
• Assist with escalation handling for complex alerts or investigations.
• Maintain a high standard of investigative quality and professional conduct during operational activity.
Required Skills & Experience:
• Experience working in a SOC, incident response, or cybersecurity investigation role.
• Strong understanding of common attack techniques, threat actor behaviours, and investigative methodologies.
• Ability to analyse security alerts and logs across SIEM, EDR, cloud, identity, and network security tools.
• Experience with scripting or automation (e.g. Python, PowerShell) is advantageous.
• Familiarity with frameworks such as MITRE ATT&CK, NIST CSF, or equivalent.
• Strong written and verbal communication skills, with the ability to explain technical findings clearly.
• Ability to work effectively under pressure during incident scenarios.
Preferred Qualifications:
• Relevant industry certifications such as CompTIA CySA+ or Microsoft Certified: Security Operations Analyst Associate (SC-200).
• Hands‑on experience with EDR, SOAR, or forensic tooling.
• Experience participating in threat‑hunting activities or security exercises.
• Exposure to tabletop or incident‑response simulations.
• Certifications or demonstrated expertise in Microsoft security technologies related to Sentinel, Purview, or Microsoft Defender suites (e.g., Microsoft 4 of 4 Certified: Information Protection Administrator Associate (SC-400), Microsoft Certified: Azure Security Engineer Associate (AZ-500))
Experience Level
Senior LevelJob role
Job requirements
About company
Similar jobs you can apply for
IT Security
Network Security Engineer
Ernst & Young LLP ( EY India )
Network Engineer
BT GroupSenior Engineer
Cushman and WakefieldNetwork Security Engineer
Aristocrat Technologies
Test Analyst
Fidelity InternationalNetwork Security Engineer
Aristocrat TechnologiesYou can expect a minimum salary of 0 INR. The salary offered will depend on your skills, experience and performance in the interview.
The candidate should have completed the required education and people who have 5 to 31 years are eligible to apply for this job. You can apply for more jobs in Gurgaon/Gurugram to get hired quickly.
The candidate should have sound communication skills and sound communication skills for this job.
Both Male and Female candidates can apply for this job.
No, it's not a work from home job and can't be done online. You can explore and apply for other work from home jobs in Gurgaon/Gurugram at apna.
No work-related deposit needs to be made during your employment with the company.
Go to the apna app and apply for this job. Click on the apply button and call HR directly to schedule your interview.
The last date to apply for this job is . For more details, download apna app and find Full Time jobs in Gurgaon/Gurugram . Through apna, you can find jobs in 64 cities across India. Join NOW!