Analyst, Threat Intelligence, Information Security

City of Dreams Manila, Philippines

Melco Resorts & Entertainment

Melco Resorts & Entertainment Limited is a developer, owner and operator of casino gaming and entertainment casino resort facilities in Asia.

REQ12937 Analyst, Threat Intelligence, Information Security (Open Date: 17/06/2025)

POSITION SUMMARY:
The Analyst, Threat Intelligence, Information Security is responsible for conducting digital forensics during incident response, preserving evidence, and identifying artifacts that may be evidence of a compromise. He/She has the ability to communicate well, contribute to cross-functional and individual teams, participate in response and defensive actions over a variety of security disciplines, and disseminate technical information as appropriate in support of Melco’s critical business and security operational needs.


PRIMARY RESPONSIBILITIES:
1. Performs incident root cause, forensic analysis, and reporting, preserving forensics artifacts
2. Responsible for technical investigations of cyber incidents undertaken by Cyber Security Operations Center (CSOC) Analysts
3. Develops and tests incident response playbooks and processes in collaboration with CSOC Analysts
4. Recommends post cyber-attack containment, remediation, and recovery activities
5. Responsible for analyzing flat log files, Windows event logs, and Linux artifacts and correlating them with endpoint detection and response (EDR) tooling, network monitoring tools and SIEM to detect malicious activities in Melco's network
6. Supports Cyber Security Operations Center (CSOC) to research a variety of cyber security threats and trends including advanced hacking and evasion techniques for enhancing knowledge on digital forensic and incident response.
7. Responsible for preparing reports on identified security vulnerabilities, attack paths and possible recommendations to prevent future attacks
8. Performs other Digital Forensic and Incident Response duties that are required

QUALIFICATIONS:
I. Experience
More than 3 years of experience in Digital Forensic and Incident Response

II. Education
BS in Computer Science, Information Security, or related field or three years of equivalent experience.

III. Skills / Competencies
1. Solid foundation on various security tools such as Antivirus (AV), Antispam (AS), Endpoint Detection & Response (EDR), Firewalls (FW), Intrusion Detection / Prevention Systems (IDS/IPS), Data Loss Prevention (DLP), Security Information & Event Management (SIEM)
2. Understanding of network analysis, net flow analysis and use of network sniffing tools
3. Understanding of log analysis tools (Log Logic, Splunk, or similar)
4. Strong foundation on MITRE ATT&CK Framework
5. Understanding or experience with Security Event Information Management tools
6. Understanding of exploits and vulnerabilities
7. Demonstrated ability to analyze, triage and remediate security incidents
8. Understanding of malware and eradication
9. Ability to perform basic static and dynamic malware analysis
10. Understanding of electronic investigation, forensic tools, and methodologies, including log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis
11. Good working knowledge of Cloud and Container technologies is a plus
12. Capacity to work independently and in a team environment, with proven leadership ability and project management skills
13. Capable of documenting and explaining technical details/efforts in a concise, actionable manner
14. Ability to understand the relationship between business processes, priorities, risk and their underlying technologies and security risks
15. Ability to keep pace with a fast-paced and growing company
16. Ability to maintain discretion

IV. Other Attributes
1. Analytical and detail oriented – individuals must have passion and initiative
2. Strong written and verbal communication skills, good listening, and presentation skills.
3. Independent thinker and self-starter who can still work well within a team environment
4. Follow-up and attention to detail with great customer service skills.
5. Displays a high commitment to delivering results
6. Works well with others
7. Achieves agreed objectives and accepts accountability for results
8. Displays the highest level of integrity

Tags: Antivirus Cloud Computer Science CSOC EDR Exploits Firewalls Forensics IDS Incident response Intrusion detection IPS Linux Log analysis Log files Malware MITRE ATT&CK Monitoring SIEM SOC Splunk Threat intelligence Vulnerabilities Windows

Region: Asia/Pacific
Country: Philippines
