Information Security Automation Specialist

Location: Aberdeen, Birmingham & Other locations

Locations: Aberdeen, Birmingham, Bristol, Cambridge, Cardiff, Edinburgh, Gatwick, Glasgow, Leeds, Liverpool, London, Manchester, Milton Keynes, Newcastle upon Tyne, Nottingham, Reading, South Coast - Southampton, Watford

Capability: International

Experience Level: Manager

Type: Full Time

Service Line: International

Contract type: Permanent

Job Title/Req Number: Information Security Automation Specialist 106271

KPMG International helps set the strategy and protects the reputation of this global organization of independent professional services firms providing Audit, Tax, and Advisory services. We deliver value to our member firms and drive positive change in the communities we serve. By joining us, you will gain a unique understanding of how a global organization operates and work on projects that impact the whole organization. From setting standards and best practices to developing innovative tech-enabled solutions for clients, you'll be part of a global team changing the way our business operates. We look forward to welcoming you to our team.

KPMG is one of the world's largest and most respected consultancy businesses. We've supported the UK through times of war and peace, prosperity and recession, political and regulatory upheaval. We've proudly stood beside the institutions and businesses which make the UK what it is.

Why Join KPMG

The core services provided by Global Technology & Knowledge are more crucial than ever to our future, as we enable KPMG's digital transformation, provide trusted technology services, ensure security across the network, and accelerate our Collective Strategy. Our ways of working are based on customer-centricity, communities of expertise, an optimized delivery model, flexibility, a culture of empowerment, and fulfilling careers. We are organized under five new 'domains': Technology Portfolio Delivery, Global Enterprise Technology, Technology Strategy & Blueprint, Global Information Security Group, and Business Operations. This is an exciting time for us as we continue to drive technology excellence at the heart of Collective Strategy v3.0, with our GT&K colleagues playing a pivotal role.

About this Team

As part of the Global Information Security Group (GISG), the Information Security Services (ISS) team, including the Global Security Operations Center (GSOC), helps defend KPMG and its clients from cyber-attacks through timely detection, investigation, and remediation of potential threats.

What will you be doing?

• Developing SOAR Playbooks, programming new API integrations, developing new automation tasks, and maintaining them.
• Managing installation, maintenance, and support of GSOC tools hosted on multiple environments including physical Data Centres, Azure public cloud, and O365.
• Coordinating with vendors, other KPMG teams, and business stakeholders on design and setup activities at different project stages.
• Documenting system designs, builds, and modifications.
• Delivering user training and creating training materials.
• Monitoring systems, resolving issues, and preparing status reports.
• Managing support cases to ensure issues are recorded, tracked, resolved, and followed up promptly.

What will you need to do it?

• Intermediate to advanced software development/programming skills.
• An Information or Cyber Security qualification is preferred but not essential: certifications such as CompTIA, CISSP, CISSM, CISMP, GIAC, CEH, or equivalent.
• Experience with RESTful APIs, including development.
• Excellent written and oral communication skills.
• Ability to document processes and procedures professionally.
• Experience working with vendors and solution providers.
• Proficiency in modern programming languages.
• Experience with system integration using RESTful APIs.
• Knowledge of Automation, Workflow, Orchestration, and BPM.
• Ability to query large datasets.
• Experience working in operational roles with strict SLAs.

Skills we'd love to see / Amazing Extras:

• Experience in Security Operations environments.
• Experience with SIEM solutions, preferably Azure Sentinel.
• Experience developing and configuring SOAR tools such as XSOAR or Azure Logic Apps with Azure Functions.
• Knowledge of Query Languages, preferably KQL.
• Good understanding of Microsoft Azure and O365 solutions.
• Experience managing Unix/Linux servers.

To discuss this or other Technology roles, apply by creating a profile, uploading your CV, and beginning your journey with KPMG.

Our Locations:

We are open to talent across the UK, with core hubs in:

• Glasgow
• Leeds
• London Canary Wharf
• Manchester

We offer flexible working options, including office work, remote work, flexible hours, and part-time roles. Please discuss your needs with our team.

Find out more:

Explore our divisions and specialisms within Tech and Engineering. For additional support, visit our application support links.

As part of a global network, we provide services across Audit, Tax & Law, Consulting, Deal Advisory, and Technology. We value diversity, inclusion, and support flexible working arrangements. We welcome applications from those returning to work after a career break. We are members of the Business Disability Forum and support accessibility needs during the application process.

Note: We do not accept speculative CVs from agencies. Please see our agency policy.