Cyber Threat Intelligence Analyst

Location: Hong Kong
Job Type: Contract
Posted: 15 days ago
Contact: Sandy Hsu
Discipline:
Reference: 40819

 Overview
This role is part of the Group IT Function and will assist in the development and delivery of CTI initiatives, contributing to the Security Operations Centre (SOC) activities.
 
Key Responsibilities
  • Support the global cyber threat intelligence (CTI) operations for the SOC.
  • Assist in cyber security engagements with a focus on supporting Technical Security Assessments and Security Testing.
  • Compile and maintain weekly CTI reports to reflect the organization's cyber security posture.
  • Collaborate with vendors and the SOC team to ensure deliverables are met.
  • Conduct analysis of alerts, incidents, and information triggered by CTI services, documenting findings and recommending action steps for remediation.
  • Analyze vendor feeds (e.g., IOCs, IOAs, CVEs, threat reports) and provide recommendations for remediation actions.
  • Research and analyze CTI sources from OSINT to support threat detection efforts.
  • Communicate with internal teams regarding remediation steps, including vulnerability management and patching.
  • Work closely with various teams to facilitate technical discussions and assist in resolving technical issues impacting delivery.
 
Requirements
  • Bachelor’s degree in Computer Science or a related field.
  • 1-2 years of experience in a Cyber Threat Intelligence program or related area.
  • Basic understanding of security testing methods and techniques.
  • Experience of manual attack and penetration testing above and beyond the running of automated tools
  • Familiarity with security incident handling and an awareness of SOC operations is a plus.
  • Knowledge of various operating systems (e.g., UNIX, Linux, Windows) and security tools.
  • Understanding of fundamental cybersecurity concepts, including vulnerabilities, web and application security, and access controls.
  • Familiarity with frameworks such as MITRE ATT&CK, NIST CSF, and OWASP Top Ten is a plus, but not required.
  • Ability to work independently while maintaining efficiency.
  • Strong problem-solving skills and a willingness to learn quickly.
  • Excellent interpersonal and communication skills.
  • Good command of written and spoken English and Chinese (Mandarin and Cantonese) is preferred.