The bank for a changing world

Computer Security Incident Response Analyst


Standard / Permanent


HK-Hong Kong (HK)-Hong Kong

Job function




Position Purpose
  • The role will conduct investigation and computer forensic for all the business entities in BNPP APAC.

  • Successful candidate would be able to demonstrate significant understanding of Cyber security and have experience of assessment in large organizations with experience in financial services.



Direct Responsibilities

  • Conduct analyses related to forensic investigations, cybercrimes, and/or cyberattacks.

  • Analyzing security logs, monitoring logs, firewall logs and intrusion prevention system logs.

  • Perform threat management and protection against threats including malware, phishing, hacking and DDoS

  • Investigation and recommendations to identify gaps from the incident.

  • Manage projects related to cyber security investigation and forensic examination.

  • Review and Update Incident Management Procedure.

  • Develop and Update operational playbook e.g. DDOS, ransomware.

  • Prepare investigation report and KPI indicator on security incidents.

  • Co-ordinate and liaise with global, regional and local incident response team.

  • Co-ordinate with internal security teams for incident response.

  • Assist with routine compliance and audit functions to ensure requirements are satisfied.

  • Provide input to the department’s management for enhancing the information security strategy.

  • Stay current on security industry trends, mitigation techniques, security technologies and new and evolving threats to the organization by attending conferences, networking with peers and other education opportunities.

Contributing Responsibilities

  • Contribute to the Permanent Control framework for implementation of policies and procedures in day-to-day business activities, such as Control Plan.

  • Comply with regulatory requirements and internal guidelines.

  • Contribute to the reporting of all incidents according to the Incident Management System.

Technical and Behavioral Competencies Required
  • Knowledge and demonstration of experience of Information Technology, particularly those areas related to Information Security, Cyber Security, Cloud Computing, Big Data and Network Security Engineering is an advantage.

  • Good communication skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner.

  • Ability to collaborate and communicate effectively and respectfully with both business-oriented executives and technology-oriented personnel in teams across the organization.

  • Computer Forensic and investigation experience is an advantage.

Experience and Qualifications Required

  • Bachelor’s degree in Computer Science, Information Assurance, or a related degree or equivalent experience.

  • Understanding and experience in Finance industry is an advantage.

  • At least 2 years relevant working experience preferred.

  • Fresh Graduates with relevant degree will be considered.

Other Value-Added Competencies

  • Must be motivated, and able to work independently as well as part of a team.

  • Attentive to detail.

  • Ability to manage several initiatives/projects and keep these on-track simultaneously.

  • Ability to effectively manage your own time and the priorities.

  • Interpersonal skills, ability to consolidate action plans and report progress status.

  • Pragmatic, ‘Can do’ attitude & Proactive approach with a strong ability to work on own initiative.

  • Capable of adapting to a new environment and to work under pressure towards tight deadlines.

  • Listens attentively and seeks clarification.