Cyber Intelligence Analyst

Our client is well-established commercial electric company who is now looking for the Cyber Intelligence Analyst to join the team.

Job responsibilities:

• Serve as the analyst in the cybersecurity operations team, responsible for intelligence-led security operations.
• Monitor cyber threats and assess the latest threat landscape and security posture to anticipate necessary detection and response measures in security operations.
• Analyze security indicators (e.g., IoC, IoA), as well as the tactics, techniques, and procedures (TTP) of threat groups, ensuring coverage for anomaly detection and prevention within the SOC.
• Conduct intelligence-led analysis and investigations to identify potential threat actors and their attack methods, supporting root cause analysis and providing remediation recommendations.
• Perform threat hunting within the environment to uncover assets that may be vulnerable to future attacks.
• Coordinate and collaborate with counterparts and external stakeholders to foster effective partnerships and support various initiatives.
• Support the vulnerability management cycle for assets and networks, including prioritization, and integrating vulnerability intelligence into SOC operations.
• Assist in continuous improvement efforts for SOC operations by supporting gap analysis activities and implementing automation solutions.

Job requirements:

• Bachelor’s degree in computer science, Information Technology, or a related field.
• Professional cyber security certifications, e.g. CISSP, CISM, CISA, GCTI, CTIA, or equivalent professional.
• At least 3 years in a cyber security discipline and at least 1 year in cyber security operations with intelligence hands-on.
• Strong understanding of cyber threats, vulnerabilities, TTPs, intelligence lifecycle, IR lifecycle, and security operations.
• Comprehensive understanding of Cyber Kill Chains, MITRE ATTACK Framework, or other relevant standards.
• Familiarity with cyber security tools, including OSINT, and services.
• Proven organizational, collaboration and interpersonal skills to work effectively with stakeholders for delivering intelligence of products.
• Demonstrable ability in producing and communicating technical and non-technical reporting across functional teams for briefing on a specialized subject.
• Able to work outside of regular office hours to respond to emerging critical threats and incidents.
• Knowledge of Operational Technology (OT) and Artificial Intelligence (AI) will be a significant advantage.
• Proficiency in spoken and written English and Chinese.