Cyber Security Incident Response Team Officer (Hybrid - EN + NL or EN + FR)

Brussels, Brussels Capital - Onsite

Keywords

Incident Response, Safety Principles, Automation, Computer Security, Infrastructure Management, Security, Managing Security, Security Information and Event Management, Scripting, Bash Shell, Business Requirements, Cloud Computing Security, Forensic Sciences, Query Languages, Digital Forensics, Dutch, French, GIAC Certified Forensics Analyst, Forensic Examiner Certification, GIAC Certified Intrusion Analyst, GIAC Certified Incident Handler, Reverse Engineering Malware Certification, Infectious Diseases, Intrusion Detection and Prevention, Python (Programming Language), Landscaping, Linux Administration, Network Protocols, Windows PowerShell, Cloud Services, Phishing, Risk Analysis, Mitre Att&ck, Malware, Firewalls (Computer Science), Cybercrime, Operational Systems, Technical Acumen

Description

Company Overview:
Join a forward-thinking company that stands at the forefront of network solutions and cloud services. We are dedicated to engineering robust, scalable, and secure IT infrastructures that not only meet but exceed the business needs of our clients. Our commitment is to maintain the highest standards of availability, performance, integrity, security, and quality of IT landscapes, enhancing the operational capabilities of our clients and their customers.

Job description:
As a Cyber Security Incident Response Team Officer, you will join the CISO organization to strengthen our capabilities in managing and responding to cybersecurity threats. This role involves actively participating in SOC engineering, threat detection, incident handling, and threat hunting, to protect our digital infrastructure and respond effectively to security incidents.

Key Responsibilities:
Incident Handling:
• Investigate and respond to security incidents such as malware infections, network intrusions, and data breaches.
• Conduct forensic investigations and analyses, including the review of phishing mails and security alerts from tools like SIEM and EDR.
• Collaborate with other teams to identify and mitigate security risks, and develop incident response procedures.
• Educate and guide organization members on security best practices.

SOC Engineering:
• Develop, maintain, and optimize SIEM and EDR systems to ensure timely detection and response to security events.
• Create and maintain detection rules and playbooks based on the MITRE ATT&CK framework.
• Automate response to SIEM and EDR events to streamline operations.

Threat Detection and Hunting:
• Proactively identify threats and vulnerabilities using SIEM tools and custom detection methods.
• Conduct regular threat hunting exercises to detect potential threats that have evaded traditional security measures.
• Analyze security data to identify anomalous behaviors and potential indicators of compromise.
• Collaborate with third-party SOC teams to investigate and mitigate threats.

Projects:
• Participate in various projects such as deploying new products or platforms, maintaining systems, and automating tasks using scripting.

Requirements:
Technical Skills:
• Strong analytical and problem-solving skills, capable of identifying and responding to security incidents effectively.
• Proficient in security technologies including SIEM, EDR, intrusion detection and prevention systems, and firewalls.
• Solid understanding of networking protocols, technologies, and operating systems.
• Skilled in security incident response tools and techniques, including forensics and malware analysis.
• Experienced in threat hunting, SOC engineering, and automation of alert handling.
• Proficient in scripting languages (Python, Bash, PowerShell) and query languages (KQL, SPL).
• Knowledgeable in Linux system administration and cloud security concepts.

Soft Skills:
• Passionate about security monitoring, digital forensics, and incident response.
• Customer-focused and capable of handling sensitive organizational matters.
• Fluent in English; proficiency in Dutch and/or French is a plus.

Qualifications:
• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent experience.
• 3-5 years of experience in a security-related role, focusing on incident response and analysis.
• Certifications like GCIH, GCFE, GCFA, GNFA, GCIA, GREM, or similar are advantageous.

Start date: 05.2024
Duration: 7 months
From: AZZARA
Published at: 17.04.2024
Contact person: Mohamed Gharbi
Project ID: 2740847
Industry: IT
Contract type: Freelance