Associate Director, Cortex / XSOAR Operations
Job Description
Position Overview
Known for being a great place to work and build a career, KPMG provides audit, tax and advisory services while fostering a culture of individual development, inclusivity, and innovative excellence. As an Associate Director, Cyber Operations in the Enterprise Security Services organization—working remotely—you will be a key contributor to driving security automation, incident response, and strategic integration of security platforms.
Key Responsibilities
- Assume full product ownership of the Cortex extended security orchestration and automation platform (XSOAR), defining its strategic vision and automation roadmap, and reporting on key performance metrics.
- Own and govern the entire CI/CD pipeline for security automation—from code authoring through automated testing and production deployment—to ensure releases are delivered with speed, quality, and security.
- Execute 24x7x365 security monitoring and incident response by developing and implementing automation playbooks in Cortex XSOAR to streamline event processing, triage, remediation, threat hunting, vulnerability management, and reporting.
- Spearhead the technical integration of disparate security platforms into Cortex XSOAR, centralizing security operations for comprehensive orchestration and automated response, including the enablement of AI-driven operations.
- Lead projects by managing deadlines and team deliverables while serving as a performance manager responsible for supervising, coaching, and mentoring junior staff.
- Drive strategic alignment across federated technology groups by fostering collaboration and serving as the key security automation subject matter expert, guiding business case development and performance reporting to executive leadership.
- Act with integrity, professionalism, and personal responsibility to uphold KPMG’s respectful and courteous work environment.
Required Qualifications
- At least eight years of combined project and operational experience in cybersecurity operations and incident response, with demonstrable expertise in Cortex SOAR platforms within highly regulated industries (e.g., financial or professional services).
- Bachelor’s degree from an accredited college or university is preferred. Relevant cybersecurity certifications include CISSP, CCSP, CCSK, GSEC, GCIH, GCFE, GCFA, SC-200, CEH, and AZ-900, among others.
- Hands-on experience in coding and implementing security processes, including playbooks, procedures, and security monitoring rules, with management oversight of security tools.
- Proven ability to lead and collaborate in a complex, matrixed environment, complemented by excellent communication skills and technical expertise across enterprise systems such as Linux, Windows, Active Directory, and SIEM platforms (e.g., Microsoft Sentinel).
- Skilled in developing resource plans and project estimations.
- Experience with Palo Alto Cortex products or other SOAR platforms is a plus.
- Must be authorized to work in the U.S. without employment-based visa sponsorship.
Benefits & Perks
- KPMG offers a comprehensive compensation and benefits package, including a Total Rewards program with medical, dental, vision, disability, and life insurance.
- 401(k) plans, along with a robust suite of personal well-being benefits to support your mental health.
- Personal Time Off per fiscal year, with additional breaks during the year (one at year end and one around the July 4th holiday).
- California Salary Range: $124,000 - $259,000
KPMG is an equal opportunity employer committed to fostering a diverse and inclusive workplace. All qualified applicants are considered without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, or veteran status. KPMG complies with all applicable federal, state, and local laws regarding recruitment and hiring.