Incident Response Security Analyst, Associate or VP



  • Shanghai
  • Permanent
  • Ref ID: BBBH831957
  • 23 Nov 2022
  • ¥61k - ¥80k per month

Job Description

Investment Banking / Financial Institution

Primary Responsibilities
* Investigate cyber security incidents and threats.
* Interact with stakeholders and leadership teams as part of the response
and remediation efforts.
* Improve the detection, escalation, containment and resolution of
* Enhance existing incident response methods, tools, and processes.
* Maintain knowledge of technologies and the threat landscape.
* Assist during non-core business hours during an emergency, critical or

* Fluent in both spoken and written English in order to communicate with the
global team; Mandarin Chinese speaking is also required in order to
work closely with local vendors and internal clients.
* Deep understanding of China's cyber footprint, ideally with familiarity with
China's cyber-related regulations (good to have).

Required Skills
* 7+ years of experience (or equivalent) with Security Analysis and Incident
Response (i.e. working in SOC/CIRT/CSIRT/CERT).
* Bachelor's in Computer Science or Information Systems or related field.
Subject matter expert in multiple areas such as Windows, Unix, firewalls,
intrusion detection, network and host based forensics.
* Understand the totality of a threat across multiple technologies and think
like an adversary.
* Sound understanding of TCP/IP and networking concepts; security alerts
and incidents.
* Excellent writing and presentation skills are required in order to
communicate findings, recommendations and provide status on ongoing
* Experience with investigating common types of attacks; network packet
analysis; log analysis and reviewing security events.
* Ability to build mitigations to defend against network based threats.
* Experience developing response workflows for security events.
* Experience of tearing apart a piece of malware to understand attack
vector and purpose.
* Ability to develop and maintain professional contacts in the security
* Ability to work independently.

Team Profile
We are looking for a Security Analyst to join the firm's Cyber Incident
Response Team (CIRT). The global CIRT is a 24/7 operation with members in key
geographical locations, performing incident response and remediation, campaign
assessments, and network and host based forensics. Security Analysts work core
hours in their region with an on-call rotation for critical incidents.

The role will be located within China. In addition to regular CIRT
duties, this role will also be responsible for the development of the firm's security
monitoring and response capability within the China network, developing
technologies to support the firm's security aspirations within the region.
This role requires a detail-oriented, critical thinker who can anticipate issues and
solve problems. Candidates should be able to analyze large datasets to detect
underlying patterns and drive to a root cause analysis.