Cyber Security Incident Response Team Officer - Brussels - 12 months

Job Location: Brussels - Belgium

Monthly Salary: Not Disclosed

Vacancy: 1 Vacancy

Job Description

One of our important clients is currently looking for a Cyber Security Incident Response Team Officer for a 12-month contract in Brussels. The rate is negotiable.

Incident handling
As a member of this dynamic team you will need to respond adequately to cyber security incidents by working together with fellow officers and any relevant stakeholders (such as staff, security service providers).
This includes:
Investigate and respond to security incidents, including malware infections, network intrusions and data breaches
Conduct forensic investigations and analysis of security incidents, including analysis of phishing mails and security alerts (SIEM, EDR, etc.)
Work closely with other teams within the organization to identify and mitigate security risks
Develop and implement incident response procedures and provide guidance to other members of the organization on security best practices

SOC Engineering
You will play a critical role in ensuring that the organization's security posture remains strong.
You will develop, maintain and optimize our SIEM and EDR systems to ensure timely detection of and response to security incidents. This will involve creating and maintaining use cases and detection rules (based on the MITRE ATT&CK framework), as well as writing playbooks for the SOC team to ensure consistent and effective incident response.
Additionally, you will automate the response to SIEM and EDR events as much as possible in order to allow the SOC and the CSIRT to focus on the essentials.

Threat detection and hunting
As the CSIRT officer you will also be responsible for threat detection and hunting.
You will use your expertise in security operations to proactively identify threats and vulnerabilities within the organization's infrastructure with the help of the SIEM and custom detection tools. This will involve conducting regular threat hunting exercises to detect potential threats that may have evaded traditional security measures.
You will use a variety of tools and techniques to collect and analyze security data in order to identify anomalous behavior and potential indicators of compromise.
Additionally, you will work closely with the third-party SOC team to investigate potential security incidents and provide guidance on threat remediation and mitigation strategies.
You are able to read and understand logs (Windows, Linux, network, etc.) and to analyze system artifacts for signs of compromise.

Projects
Next to the core team activities mentioned above, you will also contribute to different projects based on the needs of the team. This can include rolling out new products or platforms, maintaining them, or automating manual tasks with the help of scripts ...

Requirements

Technical skills:
Strong analytical and problem-solving skills, with the ability to identify and respond to security incidents in a timely and effective manner
Strong knowledge of security technologies and tools such as SIEM, EDR, intrusion detection and prevention, firewalls ...
Strong understanding of networking protocols and technologies as well as operating systems
Experience with security incident response tools and techniques, including forensics and/or malware analysis
Experience with threat hunting and the ability to identify and investigate suspicious activities on the network and systems
Experience with SOC engineering and identifying gaps in our detection capabilities, as well as the ability to automate alert handling
Experience with one or more scripting languages: Python, Bash, PowerShell
Experience with query languages (Kusto Query Language, SPL, etc.)
Experience with the administration of Linux systems
Familiar with cloud security concepts

Soft skills:
Passionate about security monitoring, digital forensics, incident response and threat intelligence
Customer focus and able to handle matters in an organization-sensitive way
Spoken and written fluency in English
Spoken and written fluency in Dutch and/or French is a plus

Qualifications:
Bachelor's degree in Computer Science, Information Security or a related field, or equivalent experience
At least 3-5 years of experience in a security-related role with a focus on incident response and analysis
Relevant certifications such as GCIH, GCFE, GCFA, GNFA, GCIA, GREM or similar are a plus

If you are interested please send me your CV and I will contact you with further details.

Employment Type: Full Time
