Director, Solution Management (Managed Detection & Response- SOC Analyst Lead)

Orlando, Florida


Apply now

Director, Solution Management (Managed Detection & Response- SOC Analyst Lead)

Requisition #: 70663

Practice Area: Advisory

Location: Denver, CO; Washington, DC; Orlando, FL; Atlanta, GA; Chicago, IL; Grand Rapids, MI; Raleigh, NC; New York, NY; Dallas, TX

The KPMG Advisory practice is currently our fastest growing practice. We are seeing tremendous client demand, and looking forward we don't anticipate that slowing down. In this ever-changing market environment, our professionals must be adaptable and thrive in a collaborative, team-driven culture. At KPMG, our people are our number one priority. With a wealth of learning and career development opportunities, a world-class training facility and leading market tools, we make sure our people continue to grow both professionally and personally. If you're looking for a firm with a strong team connection where you can be your whole self, have an impact, advance your skills, deepen your experiences, and have the flexibility and access to constantly find new areas of inspiration and expand your capabilities, then consider a career in Advisory.

KPMG is currently seeking a Director to join our Advisory Services practice.


  • Formulate and define the strategic direction for Managed Detection & Response as a managed service; grow pipeline of the solution, by working closely with internal and external channels; identify and create pull through opportunity for other managed services and consulting services. Keep abreast of industrial, technology and business trends
  • Perform investigation and orchestration for complex/high severity security alerts, threats or incidents; provide the people, process and technology background to ensure timely detection, identification and alerting of possible attacks/intrusions, anomalous activities, intrusion attempts/compromises, malicious behavior, insider risk and misuse activities to distinguish these incidents from benign activities; isolate, triage and eradicate malicious behaviors
  • Serve as the lead point of contact facilitating incident response orchestration with client; lead research, analysis and correlation efforts across a variety of all source data sets/collectors, log collectors and threat feeds to inform and guide the strategic direction of the offering; monitor competitive landscape in pricing, capabilities and offerings to analyze and report system security posture trends
  • Direct technical product managers in developing new or modified solutions for Managed Detection and Response; as a leader of a team, ensure that the right things are being worked on at the right time, and ensure quality throughout; working with value architect to create pricing for opportunities
  • Provide ongoing strategic context for your team and clients, educating, sharing and capturing qualitative and quantitative metrics that corroborate decision making
  • Develop and maintain materials to communicate the offering and its value proposition, and customize them to individual opportunities; analyze alerts from Security Information and Event Management (SIEM) tools, ideally Azure Sentinel (not required); create and develop SOC processes and procedures; lead strategy development, methodology and execution of the Use Case Catalog, working with Level 1, Level 2 and Level 3 Analysts


  • Minimum ten years of recent experience leading Enterprise Security Operations Centers or Managed Detection and Response analyst or incident response teams in any of the following: lead security operations center analyst (L3), threat hunting, penetration testing, digital forensics, incident response, recognizing and categorizing organizational vulnerabilities and attacks, on-prem, hybrid and cloud security concepts and protocols, providing customer technical readiness, delivery support services, on premise and remote technical support, solution development, technical requirements gathering; thought leadership, broad evangelism through events (presentation skills) or related
  • Bachelor's or Master's degree from an accredited college or university or an equivalent experience in lieu of degree
  • Certifications: CEH, GIAC, OSCP, CREST, GCIH, CCIA, GPEN, Platform Certifications (Microsoft, Splunk, QRadar, etc.); experience with one or more of the following: Cyber-Security solutions, Security Operation Center, Threat Intelligence Management, Vulnerability Research, Digital Forensics, Incident Response, Endpoint Management, Network Security; experience with Microsoft Security Suite and Microsoft Azure
  • Product Management experience with Software as a Service (SaaS) or Infrastructure as a Service (IaaS) offerings for enterprises; experience in the enterprise software market and with services / product companies; demonstrated understanding of the techniques and methods of modern product discovery and product delivery; knowledge of a global, 24/7, high availability and high trust operation aspects of managed services; familiarity with engineering work of a security operation center; three years Level 3 SOC Analyst experience
  • Experience developing and analyzing reports generated by SIEM tools; advanced understanding of operating systems, applications, networks, etc. and of exploitation techniques
  • Reverse malware analysis; incident response and handling methodologies, procedures and execution; background performing packet-level analysis; experience with tools such as Nslookup, Kali Linux, Traceroute, Nmap, Nikto, NetStumbler, Metasploit, Wireshark, Aircrack, Intruder, etc.; experience with network-based User and Entity Behavior Analytics
  • Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future
  • Ability to travel as necessary

Colorado Salary Statement:

The salary range displayed is specifically for those potential hires who will work or reside in the state of Colorado if selected for the role. Any offered salary is determined based on factors such as internal equity, internal salary ranges, market data/ranges, the applicant's skills and prior relevant experience, and certain degrees and certifications (e.g. JD/technology).

Colorado Salary Range: Low: $103,300 - High: $221,400

KPMG LLP (the U.S. member firm of KPMG International) offers a comprehensive compensation and benefits package. KPMG is an affirmative action-equal opportunity employer. KPMG complies with all applicable federal, state and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other category protected by applicable federal, state or local laws. The attached link contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws. No phone calls or agencies please.