Cyber Security Specialist - IT (Security Management)
- Write threat reports on identified emerging threats
- Conduct red-team (attack simulation) and blue-team (fine tuning of detection and protection policies) exercise
- Threat hunting based on defined threat model for the company and attack scenarios
- Feed threat intelligence into SOC operation to speed up incident identification, response and investigation
- Able to analyze cybersecurity threats that may impact the company, including the information from security news, threat reports, threat intelligence feeds, social media etc.
- Should be familiar with the operating environment of the company and search through security events to spot internal and insider threats
- Able to translate identified threats into IOCs
- Able to implement the IOCs detection and prevention by existing security controls. Ideally automate this process.
- Able to identify gaps/weaknesses in SOC monitoring capability by mapping detection rules, e.g. SIEM use cases, Carbon Black watchlists, Darktrace models, TrapX traps and deception tokens etc, to attack kill chain model, i.e. MITRE ATT&CK framework.
- Able to perform malware analysis and using sandbox for detailed investigation
- Experience on using Threat Intelligence Platform (TIP) to review and analyze cybersecurity threats
- Member of ISAC (or similar professional bodies) to view and share security information with the peers in the industry
- Good contact with local threat intelligence groups
- Good report writing and presentation skills
- Previous working experience on security operation or security engineering
- Experience on penetration testing, red-team exercise and compromise assessment
- Experience with SOC automation tools on translating threat reports to IOCs and automating the response for alerting and blocking
- Understand threat intelligence sharing, e.g. STIX/TAXII protocol and TTPs
- Security certification - CISSP, GCIH, OSCP, CEH etc
Applicants who do not hear from us within 6 weeks may consider their applications unsuccessful. Personal data provided will only be used for the purpose of employment application to HKEX.