Technical Lead, Incident Response
Hong Kong
S-RM
Leading cyber security consultancy and intelligence experts delivering intelligence, resilience, and response solutions to clients worldwide.ASSOCIATE (TECHNICAL LEAD), INCIDENT RESPONSE ASIA
Our Incident Response Associates are a critical part of our Cyber Security division's success.
As a Response Associate (Technical Lead), you will deploy your incident response expertise in a senior delivery role across our incident response services.
You will work across the full lifecycle of security incidents to help our clients respond and recover, including:
- Supporting technical incident response from first contact through to closure: you will be the primary technical resource on response cases, deploying your own expertise, creating tailored strategies for response workstreams, and offering guidance to colleagues on your project team. You may also be supported by more senior technical team members where appropriate.
- Overseeing host- and network-based incident response investigations: including triage, system recovery, technical evidence collection, and forensics, log, malware and root cause analyses.
- From time to time, you may also be required to provide overarching project management support, including coordinating non-technical workstreams, and providing verbal or in-person client updates.
- Developing and sharing domain expertise: we will support you in growing your cyber expertise, including sharing it with the wider team through internal initiatives and programs.
- Participating in an on-call rotation to provide 24x7x365 client incident coverage.
Other features of the role include:
- Variety of casework: no day will be the same. Our team responds to a huge variety of incidents for both public and corporate clients.
- Range of opportunities: you will have opportunities to broaden your security awareness into testing and advisory projects, in addition to deepening your incident response expertise.
- Flexible working practices: responding to incidents can be intense, high-pressure work. We are mindful of our team's work/life balance and offer flexible working options to support your wellbeing.
We're looking for:
- Direct experience working in an Incident Response team is strongly preferred, however, candidates with exposure to working with Incident Response teams, or those in roles reflecting aspects of Incident Response will be considered.
- A critical and investigative mindset. You should be comfortable solving problems with limited information and guidance, developing proportionate strategies to achieve timely outcomes.
- Clear demonstrable knowledge of cyber threat actors, and their tactics, techniques, and procedures.
- Strong communication skills. You should be comfortable speaking to people at all levels of an organization, from the board of directors to the technical teams.
- Demonstrable understanding of the basic workstreams within an incident response engagement. Providing evidence of engagement with forensics, containment and restoration/recovery is a benefit.
- You are comfortable using scripting to solve cyber security problems and ideally be able to demonstrate an interest in doing so, e.g. through your own research projects or prior experience.
- It is strongly recommended that candidates hold one of the following certifications (or equivalent) GCFE, GCFA, GCIH, GNFA. However, holding any of the following is beneficial: EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+ and Security+
- Fluency in either Cantonese or Mandarin is also beneficial, although not required.
The successful candidate must have permission to work in Hong Kong by the start of their employment.
OUR BENEFITS
We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, including:
- 20 days holiday per year in addition to bank holidays (+1 day for every day of service up to a maximum of 25 days);
- MPF (Mandatory Provident Fund) – MPF mandatory minimum contribution is 5% which is currently capped at HKD$1,500 per month. On top of that we offer an additional 1% of voluntary matching contribution up to a total maximum of 6%.
- Life insurance – 4x annual salary
- Parental Support:
- Maternity leave- 26 weeks of full pay followed by 13 weeks of half pay;
- Paternity leave- 6 weeks of full pay;
- Fertility treatment leave – 5 days of leave per cycle of treatment per year .
- Various Health and Medical Benefits:
- Private medical healthcare including clinical, hospital and dental cover;
- Free access to the world-famous mindfulness app Headspace;
- EAP programme for you and your immediate family.
The role will be based in our office in Hong Kong. However, we have flexible working arrangements available.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISSP EnCE Forensics GCFA GCFE GCIH GNFA GREM Incident response Malware OSCP Scripting
Perks/benefits: Fertility benefits Flex hours Health care Medical leave Parental leave
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.