Job Description
About KPMG in India
KPMG entities in India are professional services firm(s). These Indian member firms are affiliated with KPMG International Limited. KPMG was established in India in August 1993. Our professionals leverage the global network of firms, and are conversant with local laws, regulations, markets and competition. KPMG has offices across India in Ahmedabad, Bengaluru, Chandigarh, Chennai, Gurugram, Jaipur, Hyderabad, Jaipur, Kochi, Kolkata, Mumbai, Noida, Pune, Vadodara and Vijayawada.
KPMG entities in India offer services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused and technology-enabled services, which reflect a shared knowledge of global and local industries and our experience of the Indian business environment.
Responsibilities
- Administer, maintain, and optimize the Microsoft Sentinel SIEM platform
- Onboard and manage log sources across cloud and on prem systems
- Create and fine ‑ tune:
- Analytics rules
- Custom use cases
- Workbooks and dashboards
- Automation playbooks (Logic Apps)
- Monitor SIEM health, performance, and capacity
- Manage threat detection configurations and improve alert fidelity
- Work closely with SOC teams to enhance detection and response capabilities
- Implement and maintain data ingestion pipelines using Log Analytics
- Maintain KQL queries, scheduled rules, incident workflows, and watchlists
- Troubleshoot ingestion failures, connector issues, and platform errors
- Conduct periodic upgrades, patching, and platform hygiene tasks
- Ensure compliance with internal security policies and audit requirements
- Support the integration of EDR, cloud security tools, IAM systems, and network devices
- Document SIEM architecture, processes, and configuration changes
Qualifications
- 5+ years of hands ‑ on experience in SIEM administration
- Strong expertise in Microsoft Sentinel and Azure Log Analytics
- Proficiency in Kusto Query Language (KQL)
- Experience onboarding log sources (Azure AD, Defender, Firewalls, EDR, Servers, Applications)
- Knowledge of SOAR automation using Logic Apps
- Strong understanding of security monitoring, threat detection, and response workflows
- Solid knowledge of security concepts including:
- Network security
- Cloud security (Azure preferred)
- Identity security
- MITRE ATT&CK framework
- Experience with incident lifecycle management
- Strong troubleshooting and analytical skills
Equal employment opportunity information
KPMG India has a policy of providing equal opportunity for all applicants and employees regardless of their color, caste, religion, age, sex/gender, national origin, citizenship, sexual orientation, gender identity or expression, disability or other legally protected status. KPMG India values diversity and we request you to submit the details below to support us in our endeavor for diversity. Providing the below information is voluntary and refusal to submit such information will not be prejudicial to you.
