Cyber Threat Intelligence Lead - AsiaPac
Deloitte AU
Hong Kong, HK

About the role

As a member of the CTI team, the CTI Lead will be responsible for collecting information used to analyze the political, economic, social, and behavioral aspects of malicious cyber activity and contributing to internal intelligence products for our clients.

This position is primarily focused on Chinese and East Asian-based APT actors. We’re looking for an intel analyst with deep knowledge of APT groups based in the region including campaigns, TTPs and activities.

Roles and Responsibilities:

  • Work with various intelligence collection and reporting tools and frameworks to produce reports.
  • Collect, process, catalog, and document information using an ALL-SOURCE approach and various technical and human means on cyber-security topics as required based on defined intelligence requirements.
  • Respond to requests for ad-hoc reporting and research topics from management and analysts as required.
  • Identify gaps in available intelligence information and engage with leadership on strategies to meet intelligence requirements through intelligence collection processes.
  • Quickly understand and deliver on company and customer requirements.
  • Deal professionally with offensive, profane, and obscene materials encountered during investigations and research.
  • Aid in and participate in daily, weekly, quarterly, and yearly production reporting for clients, partners, and internal teams.

About you

  • Bachelor’s degree in Computer Science / Engineering or a related field
  • Demonstrated previous direct experience in a CTI-related role encompassing all phases of the intelligence lifecycle (direction, collection, processing, analysis and dissemination), CTI tools (e.g. intelligence sharing platforms such as MISP, visual investigation and analysis tools such as Maltego, secure operating systems such as Whonix and Qubes, malware sandboxes) and methods.

  • Strong understanding of threat analysis and enterprise-level mitigation strategies.
  • Working knowledge of how malicious code operates and how technical vulnerabilities are exploited.
  • Knowledge of operating systems and networking technologies in general.
  • Knowledge of databases, query design, and how to analyze data thus obtained.
  • Hands-on experience with technical intelligence collection and analysis as well as development of intelligence reports is a must (including strategic (geopolitical knowledge) and tactical finished intel reports)
  • Experience with deep, dark web and IRC channel collection activities and tradecraft
  • TTP knowledge of major malware families such as infostealer, spambot, banking trojan, RAT
  • TTP knowledge of major APT groups from Vietnam, CN, or NK
  • Capable of hunting and tracking threat activity for these groups, mapping attacker infrastructure and pivoting to related / additional threat data
  • Knowledge of one or more foreign languages used in cyber threat activity hotspots (Arabic, Farsi, Mandarin, Korean, or Russian)
  • Team management, incident response and malware analysis experience
  • Reverse engineering skills are a plus

Why Deloitte?

At Deloitte, we create positively differentiated work experiences that enable our people to feel valued and achieve their full potential.

We value difference and embrace people with diverse backgrounds and thinking styles. Knowing that people work best in different ways, we are happy to discuss alternative arrangements if the working pattern you are looking for is not specifically indicated.

