Threat Intelligence Associate

2022-05-18

Information Technology, Cyber Security

Financial Services

Michelle Lu

Background Information:

Our client is looking for a Cyber Security professional as part of Global Cyber Threat intel function, for Asia ex Japan (AEJ) region. You will be a member of AEJ IT Security team, supporting regional and global cyber security and cyber threat intelligence. You will be required to understand the threat from cyber criminals and nation states, develop a deep knowledge of malware threats, support and lead cyber investigations, support brand protection, and manage reputational threats.

You will be required to respond to relevant threats by producing intelligence reports, manage digital risk and respond to cyber incidents. You are required to have excellent communication skills and work with teams across the globe. You will be required to coordinate with SOC, regional CSIRT, Penetration Testing and Red Teams.

Job Responsibilities:

Support global Cyber Threat Intel in developing a strong understand of client's regional threat landscape, understand how the threats are evolving and support the development of measures to protect against them
Collect, process and analyze data points to produce internal intelligence reports
Manage intelligence and work closely with the global IT security team to triage for the region
Support and maintain relationships with other corporate functions
Coordinate with SOC, Vulnerability Management, Digital Risk, Threat Hunting and others to enhance overall AEJ cyber security management programs
Support the AEJ IT Security team with queries around threat intelligence and digital risks
Work with external agencies and information sharing networks when needed
Occasional off-hours and weekend work required
Support programs of Red Teaming, Penetration Tests, Bug Bounty or RDP for AEJ
Support compliance of various regulatory requirements in AEJ, including internal audit queries related to Cyber Threat Intel
Support regional reporting needs including to boards, executive committees, CIO office and tech governance forum

Michelle Lu

2022-05-18

Information Technology, Cyber Security

Financial Services

Job Qualifications:

Min 5 years of experience in government intelligence or public sector intelligence background, cyber threat intelligence and security operations, or cyber investigations and incident response.
Bachelor's degree required; higher education preferred
Knowledge, understanding and demonstrable experience of applying the intelligence cycle to cyber threat intelligence or similar work
Proficient with OSINT gathering techniques and dark web monitoring concepts
Strong verbal and written communication skills, interpersonal collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences
Experience tracking and understanding threats from: Nation State Threat Actors, Cyber Crime, Extremist Groups and Cyber Terrorists, Hacktivism, Malware, Vulnerabilities, Fraud and Social Engineering Techniques, BEC, APT and spear phishing
Solid understanding of geopolitics and how this affects nation state cyber security
Analysis of threat actor tactics, techniques and procedures
Must have strong analytical skills and attention to detail
Possess the ability to multi-task , prioritize and manage time effectively

Additional Requirements:

Analysis of malware, hacking tools, and advanced threat actor TTPs
Understanding of and experience with modern technical security controls and technologies, such as TIP's, SOAR's, firewalls, SIEMs, IPS, HIPS, web proxies, etc
Knowledge of cyber threat intelligence models ( e.g. MITRE ATT&CK, Kill chain, Diamond Model)
Knowledge of methodologies and techniques for identifying, prioritizing, and classifying cyber threats
Background of Vulnerability Management, Threat Hunting, Red Teaming, Penetration testing
Sufficient background in Cyber Security incidence response, incident investigations and forensic.
Financial Industry/Banking Experience preferred
Min 2 years and above of experience in a Security Operations Center or Cyber Security Incident Response Teams
Preferred Security certifications (e.g. Security+, GCIA, GCIH,CISSP)