Threat Intelligence Analyst (MNC Retail)

Cybersecurity | Threat Intelligence | Security Operations

Your new company

This prestigious MNC Retail conglomerate is looking for a junior Threat Intelligence Analyst with experience in Cybersecurity and Threat Intelligence to join its dynamic business here in Hong Kong. The company also possesses the ability to provide you with the resources and training to both grow and succeed within the role while also providing possible avenues for further career development.

Your new role

This role will be accountable for the CTI Technical Security Assessment and Security Testing and support, technical analysis, remediation recommendation associated with the SOC operations. The individual requires full coordination with various teams on aligning the deliverables and resolving technical issues.

Support the global cyber threat intelligence (CTI) operations for SOC
Participate in cybersecurity engagements with a focus on Technical Security Assessment and Security Testing
Compile weekly CTI reports to reflect the cybersecurity posture
Align with the vendors and the SOC team on the deliverables
Conduct analysis/ testing on the alerts/ incident/ information triggered by the CTI services, and report the findings and recommendations on the action steps such as remediation plan, detection rule design and build, etc.
Conduct analysis/ testing on the feeds from the vendors (i.e., IOCs, IOAs, CVEs, threat reports) and provide the recommendations and remediation actions
Investigate the CTI source from OSINT and conduct the vulnerability POC verification and testing in the SOC lab
Communicate with the other parties of the in-house units on remediation steps (e.g., vulnerability management, patching etc.)
Work closely with internal teams on the delivery, understand/ facilitate technical discussions with various teams and help support and resolve technical issues impacting the delivery
Close liaison with vendors for the delivery of services, including the implementation, the configuration, the associated risks, the SLA compliance, the reporting and the KPI

What you'll need to succeed

Degree holder in Computer Science or related disciplines. Certified Ethical Hacker (CEH), Offensive Security Certified Professional certification (OSCP) or GIAC Penetration Tester (GPEN) are preferred.
At least 1–2 years experience of CTI program
- Experience of manual attack and penetration testing above and beyond the running of automated tools
- Experience of security testing methods and techniques including network, operating and application system configuration review and internal/external penetration testing
- Good understanding of security incident handling and SOC operating model are a big plus.
- Strong technical or security skills related to a broad range of operating systems, databases or security tools, e.g., UNIX, Linux, Windows, firewalls, etc
- Broad knowledge of cybersecurity concepts including vulnerabilities, web and application security, access controls and secure architectures
- Familiar with the MITRE ATT&CK Framework, NIST CSF, CIS Controls, Threat modelling, OWASP Top Ten Most Critical Web Application Security Risks
Ability to work independently with little or no supervision while maintaining a high level of efficiency
Strong problem-solving skills and fast learner
Liaison skill & teamwork, passion & commitment mentality
Good interpersonal and communication skills
Good command of written and spoken English and Chinese (Mandarin and Cantonese)

What you'll get in return

Competitive compensation package
Further professional growth within Cybersecurity and the Global Retail space
Stable working culture and environment

What you need to do now

For further details or a confidential discussion on other opportunities in Technology, please contact Justin Dionaldo at Hays on 2230 7930 or email justin.dionaldo@hays.com.hk
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.