Senior CIRT Analyst
JOB DESCRIPTION
Location: Wanchai, Hong Kong, Hybrid
In this position, you'll be based in the Wanchai office for a minimum of three days a week, with the flexibility to work from home for some of your working week. Find out more about our flexible work culture at computershare.com/flex.
We give you a world of potential
The Global Information Security (GIS) team is responsible for driving the development, deployment, monitoring and management of information and cyber security across the Computershare businesses, globally. Through partnerships with the business units, Technology Services and other support functions, the Global Information Security team actively supports the business objectives whilst reducing the overall composite risk to Computershare. The Global Security Operations team is responsible for delivering a comprehensive portfolio of technical security control and monitoring services across all the global Computershare environments.
A fantastic opportunity has arisen, and we are looking for a Senior Cyber Incident Response Analyst to join our GIS team in Hong Kong.
A role you will love
The Senior CIRT Analyst plays a critical hands-on role within the Cyber Defense team, responsible for leading complex incident investigations, building and tuning threat detection capabilities, and mentoring SOC Analysts to support global 24/7 operations. This role acts as the primary escalation point for incidents that exceed Tier 1/2 capabilities and ensures operational continuity outside of Security Operations leadership working hours. This includes close collaboration with teams like Security Engineering, Threat Intelligence, the NOC and Incident Management to manage and resolve cyber security incidents to completion.
Alongside our colleagues in Security Engineering, which drives strategic control implementation, the Senior CIRT Analyst is focused on the operational and tactical build out of threat detection and response. This role will proactively translate real-world threats and attack behaviors into effective detection logic across SIEM and EDR platforms, conduct targeted threat hunts and help embed high-confidence detection into playbooks and response workflows, supporting our Incident Detection and Response Capability.
Our Senior CIRT Analysts are regionally aligned in a follow-the-sun model including positions in the Americas, EMEA and APAC. They have global presence, but also regional expertise, working alongside and advising our regional CISO teams on regional compliance and reporting requirements from a technical perspective.
Some other key accountabilities will include:
1) Incident Investigation and Response
• Act as the senior escalation point for complex or high-severity incidents.
• Lead incident response lifecycle from detection through to post-incident review.
• Perform high level forensic analysis across cloud, endpoint and network data.
2) Threat Hunting
• Develop and execute hypothesis driven hunts across available telemetry.
• Use results to identify gaps or refine detection logic.
3) Threat Detection Buildout
• Build, tune, and document detection logic in Sentinel, Defender, CrowdStrike and other platforms.
• Translate threat intelligence into rules and analytics to support incidents.
• Maintain and execute MITRE ATT&CK coverage plans.
4) Tooling, Automation, and Playbook Ownership
• Design and improve operational playbooks and SOAR workflows.
• Implement response logic for recurring incident types.
5) Mentorship and Knowledge Transfer. Support the development of SOC Analysts by providing escalation support, training and structured feedback.
6) Regulatory Compliance and Internal Standards. Ensure investigations and detection logic meet internal and external compliance requirements.
7) Incident Documentation and Regulatory Reporting. Document incidents thoroughly, ensuring all regulatory requirements for incident reporting are met.
8) Collaboration with Financial Security Teams
• Work closely with fraud prevention teams, compliance officers, and IT security teams to ensure alignment on security goals.
• Contribute to cross-team investigations of fraud or other financial breaches.
9) Continuous Learning and Process Improvement
• Stay updated on new cyber threats and mitigation techniques.
• Suggest improvements to SOC processes or playbooks, focusing on financial scenarios.
What will you bring to the role?
To be successful in this role, you must have a deep understanding of incident response practices, threat detection engineering, attacker TTPs and security technologies such as SIEM, EDR and SOAR platforms. You should have strong KQL or query development experience and be able to translate detection logic into operational value. You will also need excellent interpersonal, problem-solving and communication skills (proficiency in both English and Chinese), and be highly organized, analytical and team oriented.
Some other key skills required for the role:
• Bachelor's degree or above in Computer Science, Information Technology, or related field.
• At least 5 years in SOC, IR or similar roles with demonstrable experience in threat hunting or tier 3 response.
• Experience building detection logic and analytics rules (e.g. KQL, Sigma).
• Deep understanding of MITRE ATT&CK, threat actors, and attack chains.
• Strong verbal and written communication skills including report writing skills, the ability to brief groups of people and the ability to translate technical terms into easy-to-understand concepts for non-technical colleagues.
• GIAC certifications (e.g. GCIA, GCIH, GNFA, GMON, GCFA), Microsoft SC-200, AZ-500 or equivalent.
• Experience with Sentinel, Defender and CrowdStrike.
• Strong scripting knowledge (PowerShell, Python, etc.).
• Knowledge of Security Frameworks including SOC2, ISO 27001 and NIST.
• Active geopolitical awareness.
• Experience in financial services, aviation, government or other regulated industries.
Rewards designed for you
Flexible work to help you find the best balance between work and lifestyle.
Health and wellbeing rewards that can be tailored to support you and your family.
Invest in our business by setting aside salary to purchase shares in our company, and you'll receive a company contribution as well.
Extra rewards ranging from recognition awards and team get togethers to helping you invest in your future.
And more. Ours is a welcoming and close-knit community, with experienced colleagues ready to help you grow. Our careers hub will help you find out more about our rewards and life at Computershare; visit computershare.com/careershub.
ABOUT US
A company to be proud of
We're a global leader in financial administration with over 11,000 employees across more than 22 different countries. At Computershare, it's more than just a job: our open and inclusive culture means that we will help you to grow, to move forward and make the most of our world of opportunities.
Fairness and culture
We're dedicated to providing you with the opportunity to succeed on your own merits, starting from the application process and continuing throughout your career with us. Our goal is to create an environment where everyone feels valued, to remove barriers and obstacles and ensure equal opportunities for all. For support with accommodations or adjustments during our recruitment process please visit computershare.com/access for further information.
ABOUT THE TEAM
Our Shared Services teams support all of our business lines behind the scenes. Across the world, we have a range of specialisms that ensure the delivery of our business priorities. These include Technology, Information Security, Finance, Risk, Audit, Governance, Marketing and Communications as well as our People team. Join our strategic team and help us look after everything from creating an amazing end to end employee journey to keeping our systems safe. You'll be looking after our people, our clients and their customers, whilst maintaining our exceptional standards around the globe.
Perks and Benefits
Health and Wellness
Parental Benefits
Work Flexibility
Office Life and Perks
Vacation and Time Off
Financial and Retirement
Professional Development
Diversity and Inclusion