Cyber Security Incident Response Team
5 days ago
Cyber Security Incident Response Team (CSIRT) Officer
Client: Ypto
Location:
Job Category: Other
EU work permit required: Yes
Job Reference: f4addfb059e1
Job Views: 2
Posted: 06.03.2025
Expiry Date: 20.04.2025
Job Description:
As a CSIRT Officer, you will join the CISO Cybersecurity Center of Excellence team within the NMBS CISO organization. You will contribute to the daily security incident preparation, detection and response activities including threat detection, incident handling, threat hunting, as well as propose and execute improvement actions, and interact with the staff of NMBS (including its affiliates) and the security services providers.
Incident handling and response
As a member of a dynamic CSIRT team, you will need to respond adequately to cyber security incidents by working together with fellow CSIRT officers and any possible stakeholders. This includes:
- Investigating and responding to level 3/4 security incidents, including malware infections, network intrusions, and data breaches.
- Conducting forensic investigations, coordination, and analysis of security incidents, regardless of IT, IoT, or OT origin.
- Working closely with other members of the SOC, CSIRT, and other teams within the organization, to identify and mitigate security risks.
- Developing and implementing incident response plans & procedures, and providing guidance to other members of the organization on security best practices.
- Communicating and reporting security incident progress to required internal and external stakeholders.
As the CSIRT officer, you will also be responsible for threat detection and hunting. You will use your expertise in security operations to proactively identify threats and vulnerabilities within the organization's infrastructure with the help of the SIEM and custom detection tools. This will involve conducting regular threat hunting exercises to detect potential threats that may have evaded detection by traditional security measures. You will use a variety of tools and techniques to collect and analyze security data to identify anomalous behavior and potential indicators of compromise. Additionally, you will work closely with the 3rd party SOC team to investigate potential security incidents and provide guidance on threat remediation and mitigation strategies. You should be able to read and understand logs (Windows, Linux, network, etc.) to analyze system artifacts for signs of compromise.
You will play a critical role in ensuring the organization's security posture remains strong. You will develop, maintain, and optimize our SIEM systems to ensure timely detection and response to security incidents. This will involve creating and maintaining use cases and detection rules (based on the MITRE ATT&CK framework), as well as writing playbooks for the SOC team to ensure consistent and effective incident response. Additionally, you will automate the response to SIEM and EDR events as much as possible, allowing the SOC and the CSIRT to focus on the essentials.
Projects
In addition to the core business of our team activities mentioned above, you will also contribute to different projects based on the needs of our team. This can include rolling out new products or platforms, maintaining them, and automating manual tasks with the help of scripts.
Skills:
- Strong analytical and problem-solving skills, with the ability to identify and respond to security incidents in a timely and effective manner.
- Strong knowledge of security technologies and tools, such as SIEM, EDR, intrusion detection and prevention, firewalls, etc.
- Strong understanding of networking protocols and technologies, as well as operating systems.
- Experience with security incident response tools and techniques, including forensics and/or malware analysis.
- Experience with threat hunting and the ability to identify and investigate suspicious activities on the network and systems.
- Experience with SOC Engineering and identifying gaps in our detection capabilities, as well as the ability to automate alert handling.
- Experience with one or more scripting languages: Python, Bash, PowerShell.
- Experience with query languages (Kusto Query Language, SPL, etc.).
- Experience with the administration of Linux systems.
- Familiarity with cloud security concepts.
- Passionate about security monitoring, digital forensics, incident response, and threat intelligence.
- Spoken and written fluency in Dutch or French.
- Spoken and written fluency in English.
- Customer focus and the ability to handle sensitive situations within the organization.
- Bachelor's degree in Computer Science, Information Security, related field or equivalent experience.
- At least 3-5 years of experience in a security-related role, with a focus on incident response and analysis.
- Relevant certifications, such as the GCIH, GCFE, GCFA, GNFA, GCIA, GREM or similar, are a plus.
Within our open corporate culture, you contribute to the digital transformation of SNCB. You will have a job with social impact and ample opportunity to make your own contributions. In addition to a good work-life balance and a competitive salary, you will receive the following benefits:
- The possibility to work remotely + flexible working hours.
- 35 days of leave.
- A company car + a public transport season ticket.
- A target bonus.
- A comprehensive insurance package (affiliation without own contribution, excluding outpatient costs for family members); hospitalisation and dental care for the whole family; outpatient costs (= medical costs separate from hospitalisation); group insurance: supplementary pension, work disability, and death (cafeteria plan); accidents at work (extralegal).
- Meal vouchers and eco-vouchers.
- Net allowances for remote working and carwash + internet budget.
-
Cyber Security Incident Response Team
4 days ago
Brussels, Brussels Region, Belgium; Ypto; Full-time
As a CSIRT Officer you will join the CISO Cybersecurity Center of Excellence team within the NMBS CISO organization. You will contribute to the daily security incident preparation, detection and response activities including threat detection, incident handling, threat hunting as well as propose and execute improvement actions, interact with the staff of...
-
Cyber Incident Response Analyst
6 days ago
Brussels, Brussels Region, Belgium; TN Belgium; Full-time
To strengthen our Information Technology team, based at the HQ, in Brussels, Belgium we are looking for a talented individual to fill the position of: Cyber Incident Response Analyst – OT
You will be joining the "Cyber Detection and Response" team, which is part of "IT Security, Risk management, Data Privacy and...
-
Cyber Security Incident Response Team
2 weeks ago
Brussels, Brussels Region, Belgium; Ypto NV; Full-time
As a CSIRT Officer, you will join the CISO Cybersecurity Center of Excellence team within the NMBS CISO organization. You will contribute to the daily security incident preparation, detection, and response activities including threat detection, incident handling, threat hunting, as well as propose and execute improvement actions, interacting with the staff...
-
Cyber Security Incident Response Team
6 days ago
Brussels, Brussels Region, Belgium; Ypto NV; Full-time
As a CSIRT Officer, you will join the CISO Cybersecurity Center of Excellence team within the NMBS CISO organization. You will contribute to the daily security incident preparation, detection and response activities including threat detection, incident handling, threat hunting, as well as propose and execute improvement actions, interacting with the staff of...
-
Cyber Incident Response Specialist
2 weeks ago
Brussels, Brussels Region, Belgium; TN Belgium; Full-time
Client: Euroclear
Location: [Location not specified]
Job Category: Other
EU work permit required: Yes
Job Reference: 83cd9a78860f
Job Views: 30
Posted: 24.01.2025
Expiry Date: 10.03.2025
Job Description:
Division: CISO
The Cyber Defense Center (CDC) is part of the Chief Information Security Officer Office. The main responsibility of the team is to reduce the risk of...
-
Incident Response Analyst
7 days ago
Brussels, Brussels Region, Belgium; Fujitsu; Full-time
About the Role
We are looking for an experienced Incident Response Analyst to join our Security Operations Center (SOC) team at Fujitsu. In this role, you will be responsible for monitoring, analyzing, and responding to security incidents to protect the organization from cyber threats. You will work closely with cross-functional teams to ensure effective...
-
Incident Response
6 days ago
Brussels, Brussels Region, Belgium; Stott and May; Full-time
As an Incident Response & Forensic Analyst, your primary responsibility will be to assist clients in managing and mitigating...
-
Cyber Security Architect
6 days ago
Brussels, Brussels Region, Belgium; Avance Consulting; Full-time
Position: SOC Lead / Cyber Security Lead
Job Type: Permanent
Responsibilities / Expectations from the Role
Act as a trusted advisor and Cyber Incident subject matter expert guiding senior...
-
Analyst, Cyber Incident Response and Risk Management
2 weeks ago
Brussels, Brussels Region, Belgium; North Atlantic Treaty Organization; Full-time
NATO - North Atlantic Treaty Organisation
Job Description - Analyst, Cyber Incident Response and Risk Management (241836)
Primary Location: NATO International Staff (NATO IS)
Schedule: Full-time
Application Deadline: 27-Jan-2025, 10:59:00 PM
Salary (Pay Basis): Grade NATO Grade G15-G17
1. SUMMARY
The Joint Intelligence and Security Division (JISD) comprises two principal...
-
Cyber Security Consultant
7 days ago
Brussels, Brussels Region, Belgium; Northwave Cyber Security; Full-time
Northwave Cyber Security is an expert in information security. We help clients limit their business risks through our Managed Services, Projects, and the assurance of our premium Incident Response services. We are looking for an experienced New Business Manager who will be responsible for generating new...
-
Incident Response
7 days ago
Brussels, Brussels Region, Belgium; Stott and May; Full-time
As an Incident Response & Forensic Analyst, your primary responsibility will be to assist clients in managing and mitigating security incidents. You will analyze security breaches, conduct forensic investigations, and implement security measures to enhance overall resilience. Your role is crucial in ensuring clients are well-prepared for potential threats...
-
Incident Response
1 week ago
Brussels, Brussels Region, Belgium; Stott and May; Full-time
As an Incident Response & Forensic Analyst, your primary responsibility will be to assist clients in managing and mitigating security incidents. You will analyze security breaches, conduct forensic investigations, and implement security measures to enhance overall resilience. Your role is crucial in ensuring clients are well-prepared for potential threats...
-
Cyber Security Consultant
2 weeks ago
Brussels, Brussels Region, Belgium; Binit Consulting and Services (Binit C&S); Full-time
About us: Binit C&S is a dynamic consultancy firm based in Amsterdam and Paris, and a Nearshore center in Tunis, specializing in providing innovative technology solutions to empower our clients to thrive in competitive markets. We collaborate with industry leaders and deliver cutting-edge...
-
Cyber Security Manager
7 days ago
Brussels, Brussels Region, Belgium; Northwave Cyber Security; Full-time
About Northwave
Northwave is a European specialist in cyber security with more than 250 enthusiastic professionals. We help our clients through a strong focus on their business risks and an integrated approach to information security. We have been offering our services on the Belgian market for 18 years. Due to the expansion of our Belgian office, we are looking...
-
Cyber Security Engineer
2 weeks ago
Brussels, Brussels Region, Belgium; Reload Search Ltd; Full-time
Senior Cybersecurity Engineer | Protect & Defend Against Evolving Threats
Are you a seasoned cybersecurity expert ready to take on high-stakes challenges? Do you have a passion for threat detection, incident response, and risk management? If so, we want you on our team. As a Senior Cybersecurity Engineer, you'll play a crucial role in protecting critical...
-
Cyber Security Engineer
1 week ago
Brussels, Brussels Region, Belgium; Reload Search Ltd; Full-time
Senior Cybersecurity Engineer | Protect & Defend Against Evolving Threats
Are you a seasoned cybersecurity expert ready to take on high-stakes challenges? Do you have a passion for threat detection, incident response, and risk management? If so, we want you on our team. As a Senior Cybersecurity Engineer, you'll play a crucial role in protecting critical...
-
Cyber Security Engineer
6 days ago
Brussels, Brussels Region, Belgium; Reload Search Ltd; Full-time
Senior Cybersecurity Engineer | Protect & Defend Against Evolving Threats
Are you a seasoned cybersecurity expert ready to take on high-stakes challenges? Do you have a passion for threat detection, incident response, and risk...
-
Cyber Security Engineer
2 weeks ago
Brussels, Brussels Region, Belgium; Reload Search Ltd; Full-time
Senior Cybersecurity Engineer | Protect & Defend Against Evolving Threats
Are you a seasoned cybersecurity expert ready to take on high-stakes challenges? Do you have a passion for threat detection, incident response, and risk management? If so, we want you on our team. As a Senior Cybersecurity Engineer, you'll play a crucial role in protecting critical...
-
Cybersecurity Threat Response Specialist
7 days ago
Brussels, Brussels Region, Belgium; Fujitsu; Full-time
Role Overview
Fujitsu is seeking a highly skilled Cybersecurity Threat Response Specialist to join our Security Operations Center (SOC) team. In this role, you will be responsible for monitoring, analyzing, investigating, and responding to security incidents to protect the organization from cyber threats. You will focus on real-time monitoring, triage, and...
-
Incident Response and Threat Analysis Expert
6 days ago
Brussels, Brussels Region, Belgium; Fujitsu; Full-time
We are seeking a skilled Incident Response and Threat Analysis Expert to join our Security Operations Center (SOC) team. As a key player in ensuring the stability of the financial system, this role offers an exciting opportunity to contribute to the reliability of institutions operating within it. The selected candidate will be responsible for monitoring,...