Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Join a global team to tackle cyber threats and enhance data security.
- Company: KPMG International, a leader in professional services with a focus on innovation.
- Benefits: Flexible working arrangements, competitive salary, and opportunities for professional growth.
- Why this job: Make a real impact in cybersecurity while collaborating with diverse teams worldwide.
- Qualifications: Experience in incident response and knowledge of data protection regulations.
- Other info: Dynamic work environment with a commitment to inclusion and diversity.
The predicted salary is between 36000 - 60000 £ per year.
Base Location: London or fully remote with occasional London travel.
About KPMG International
Together with more than 273,000 colleagues in 143 countries throughout our member firms, people at KPMG imagine big ideas and bring solutions to life for clients both big and small. A role with KPMG International will open a world of opportunity in your career. KPMG International helps set the strategy and protects the reputation of this global organization of independent professional services firms providing Audit, Tax and Advisory services. We deliver value to our member firms and drive positive change in the communities we serve. By joining us you will gain a unique understanding of how a global organization operates and work on projects that impact the whole organization.
About this Global Group
Global Technology & Knowledge provides crucial services to enable KPMG’s digital transformation, provide trusted technology services, ensure security across the network and accelerate our Collective Strategy.
About this Team
GISG (Global Information Security Group) is one of five domains within KPMG’s Global Technology & Knowledge group. GISG provides the information protection and technology infrastructure that secures KPMG’s technology environment and connects its network of member firms.
Role summary
The Cyber Security Incident Response Manager plays a pivotal role in identifying, investigating, and managing cyber and data handling incidents within KPMG’s Global Information Security Services (ISS) function. ISS delivers and oversees critical cybersecurity capabilities—including Security Monitoring & Response (SMR), Vulnerability Assessment & Secure Development (VASD), and Cyber Threat Intelligence (CTI)—across Global, Global Functions, and the broader KPMG network of member firms.
This position offers an exciting opportunity to join a progressive and innovation-driven security team, contributing directly to the evolution of the Cyber Security Incident Response Team (CSIRT) on a global scale. The role reports directly to the Global Cyber Security Incident Response (CSIRT) Lead.
The ideal candidate will bring knowledge in Cyber incident response, data protection, and regulatory compliance, along with the ability to collaborate effectively across functions to reduce risk and strengthen KPMG’s global data security posture.
Key Accountabilities
- Incident Detection & Response: Triage alerts reported by GSOC, Global functions and KPMG's network of member firms, including clients, supply chain and from Security tooling like DLP, CASB, XDR and SIEM. Contribute to the investigation and response to cyber and data handling incidents, including misdirected emails, unauthorized data access, and policy violations. Support containment, eradication, and recovery efforts for Cyber and data-related incidents.
- Root Cause Analysis & Reporting: Contribute to root cause analysis to determine the origin and impact of incidents. Document incidents thoroughly and support preparation of detailed reports for internal stakeholders and regulatory bodies as required.
- Cross-Functional Integration & Alignment: Collaborate with teams across Legal, HR, Compliance, Global Enterprise Technology (GET), Global Functions, RSD and key Member Firms to ensure appropriate incident handling and communications aligned to best practices. Contribute to the delivery of guidance and support on secure data handling practices. Support changes in standards and policies.
- Process Improvement: Identify gaps in detection and response processes and recommend improvements. Support the development and refinement of playbooks and standard operating procedures (SOPs) for cyber and data-related incidents. Support the evolution of the service.
- Training & Awareness: Support security awareness initiatives related to data handling and incident management and reporting. Contribute to the delivery of training to first-line responders and KPMG member firm security teams on incident escalation procedures.
Experience / Knowledge / Qualification
- Leadership & Strategic Experience: Proven experience in incident response, preferably with a focus on data protection and privacy incidents within highly regulated industries such as professional services, finance, healthcare, or energy.
- Technical Expertise in Cybersecurity & Incident Response: Experience with email security, cloud platforms, and endpoint protection. Strong understanding of DLP, CASB, SIEM, XDR and other security monitoring tools. Proven ability to manage and/or support response to complex security incidents and data breaches. Strong troubleshooting and problem-solving skills, with the ability to remain calm and effective under pressure.
- Risk, Governance & Regulatory Knowledge: Strong understanding of cyber and data risk factors impacting information security. Familiarity with data protection regulations (e.g., GDPR, HIPAA, CCPA). In-depth knowledge of cybersecurity regulations, standards, and best practices. High level of integrity and professionalism, with a commitment to ethical conduct and confidentiality. Ability to obtain and maintain security clearance where required.
- Communication & Stakeholder Engagement: Exceptional communication and interpersonal skills, with the ability to collaborate effectively across diverse global stakeholders. Strong analytical skills with the ability to assess and mitigate risks and influence decision-making at senior levels.
- Education & Certifications: Bachelor’s, Master’s, or PhD in Computing, Information Security, or a related field (or equivalent professional experience). Relevant certifications such as CISSP, CISM, GIAC (GCIH, GCFA), or CIPP are highly desirable.
Agile/Flexible Working
At KPMG International, we are supportive of helping you to achieve a balance between your home and work demands. We are happy to discuss individual requirements and our range of flexible working arrangements could be of interest.
KPMG International's commitment to inclusion & diversity
At KPMG International, we recognise that we need inclusion and diversity to be successful. We want to attract, retain and develop diverse talent at all levels.
Global CSIRT Senior Analyst employer: KPMG UK
Contact Detail:
KPMG UK Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Global CSIRT Senior Analyst
✨Tip Number 1
Do your homework on KPMG! Familiarise yourself with their values and recent projects. This will not only help you in interviews but also show that you're genuinely interested in the company.
✨Tip Number 2
Network like a pro! Connect with current employees on LinkedIn or attend industry events. A friendly chat can sometimes lead to insider tips or even a referral!
✨Tip Number 3
Prepare for situational questions. Think of examples from your past experiences that showcase your problem-solving skills, especially in high-pressure situations related to cybersecurity.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re serious about joining the team.
We think you need these skills to ace Global CSIRT Senior Analyst
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter for the Global CSIRT Senior Analyst role. Highlight your experience in incident response and data protection, as this will show us you understand what we're looking for.
Showcase Your Skills: Don’t just list your qualifications; demonstrate how your skills in cybersecurity tools like DLP, CASB, and SIEM have made a difference in your previous roles. We want to see how you can contribute to our team!
Be Clear and Concise: When writing your application, keep it straightforward. Use clear language and avoid jargon unless it's relevant. We appreciate a well-structured application that gets straight to the point.
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way to ensure your application reaches us and is considered for the Global CSIRT Senior Analyst position. Plus, you’ll find all the info you need there!
How to prepare for a job interview at KPMG UK
✨Know Your Cybersecurity Stuff
Make sure you brush up on your knowledge of incident response, data protection, and regulatory compliance. Be ready to discuss specific tools like DLP, CASB, and SIEM, as well as your experience with them. This will show that you're not just familiar with the concepts but can also apply them in real-world scenarios.
✨Prepare for Scenario Questions
Expect to be asked about past incidents you've managed or how you'd handle hypothetical situations. Think through a few examples where you successfully triaged alerts or conducted root cause analysis. This will help you demonstrate your problem-solving skills and ability to stay calm under pressure.
✨Show Your Collaborative Spirit
KPMG values teamwork, so be prepared to talk about how you've worked cross-functionally in the past. Highlight any experiences where you collaborated with legal, HR, or compliance teams to manage incidents. This will showcase your ability to communicate effectively and work well with diverse stakeholders.
✨Ask Insightful Questions
At the end of the interview, don’t forget to ask questions! Inquire about the team’s current challenges or how they measure success in incident response. This shows your genuine interest in the role and helps you understand if KPMG is the right fit for you.