Incident Analyst
4 days ago
Cybersecurity Incident Responder / SOAR Automation Specialist (2 consultants)

Contract type: Freelance / B2B
Location: Brussels, Belgium
Work mode: Mainly onsite (90–100%)
Duration: Long-term assignment - up to 3 years project
Eligibility: EU nationality required

Role Overview

A large, highly regulated international client is seeking a Cybersecurity Incident Responder with SOAR/XSOAR automation expertise to support and enhance its security operations capability.

The role is hands-on and operational, combining end-to-end incident response with the design, development, and optimisation of automated incident handling workflows. The successful consultant will work closely with SOC analysts, cyber defence teams, infrastructure teams, and external stakeholders in a high-maturity security environment.

Key Responsibilities

• Handle cybersecurity incidents end-to-end, including triage, investigation, escalation, containment, and resolution.
• Define and maintain incident response procedures, automation requirements, and playbook logic aligned with operational needs.
• Design, develop, and maintain SOAR / Cortex XSOAR playbooks, integrations, and automated enrichment workflows.
• Integrate SOAR workflows with security platforms such as SIEM, EDR, and cloud services.
• Ensure consistent and standardised handling of recurring alert types through automation and documented workflows.
• Coordinate incident response activities with SOC teams, cyber defence units, infrastructure teams, and relevant stakeholders.
• Produce high-quality incident reports, technical documentation, and operational procedures for the internal knowledge base.
• Track and report on operational KPIs (e.g. MTTH, escalation rate, false/true positive ratio, automation coverage).
• Support training and knowledge transfer for analysts on incident response methodologies and playbook usage.
• Continuously identify opportunities to improve detection quality, automation efficiency, and response effectiveness.

Required Skills & Experience

• University degree (Bachelor's or Master's) in IT, Cybersecurity, or a related field.
• Minimum 10 years of experience in IT/cybersecurity, with strong focus on incident response and SOC operations.
• Proven hands-on experience with SOAR platforms, preferably Palo Alto Cortex XSOAR.
• Strong experience designing and maintaining automated incident response playbooks and enrichment workflows.
• Solid programming/scripting experience, particularly Python, for automation and integration purposes.
• Practical experience with:
  • SIEM platforms (e.g. Splunk, Azure Sentinel)
  • EDR solutions (e.g. Microsoft Defender, Carbon Black Cloud)
  • Cloud environments (AWS and/or Azure)
• Exposure to container security solutions is a plus
• Strong understanding of incident response methodologies and best practices.
• Experience working in large, complex, or multinational environments.
• Excellent analytical and problem-solving skills, with the ability to identify root causes and propose automation improvements.
• Ability to communicate clearly with both technical and non-technical stakeholders.
• High standards for documentation, reporting, and operational consistency.

Certifications (Required / Highly Preferred)

• Relevant cybersecurity certifications (minimum 2), such as:
  • Palo Alto Cortex XSOAR
  • Splunk
  • Microsoft Security (e.g. SC-200)
  • AWS Security Specialty
  • Azure Security Engineer
  • Other recognised incident response or cloud security certifications
-
Incident Analyst
5 days ago
Brussels, Belgium Stott and May Full-time
Cybersecurity Incident Responder / SOAR Automation Specialist (2 consultants)
Contract type: Freelance / B2B
Location: Brussels, Belgium
Work mode: Mainly onsite (90–100%)
Duration: Long-term assignment - up to 3 years project
Eligibility: EU nationality required
Role Overview
A large, highly regulated international client is seeking a Cybersecurity...
-
Incident Responder
2 days ago
Brussels, Belgium Vector Synergy Full-time
**Location**: Brussels, Belgium
**Security Clearance**: EU Secret
**Introduction**: Security Incident Handling aims at providing a safe communications and information infrastructure for the Contracting EU Institutions' (EU-Is’) user community and information systems by detecting, analysing, and responding to cyber-attacks and security incidents. This...
-
Incident Responder
17 hours ago
Brussels, Belgium Vector Synergy Full-time
**Location**: Brussels, Belgium
**Introduction**: Security Incident Handling aims at providing a safe communications and information infrastructure for the Contracting EU Institutions' (EU-Is’) user community and information systems by detecting, analysing, and responding to cyber-attacks and security incidents. This service involves security incident...
-
2nd Line Incident Solver
17 hours ago
Brussels, Belgium InHire Full-time
**Location: Brussels, Belgium**
**Employment Type: Full-time**
**Salary: €80,000 per year + Health Insurance**
**Team Composition**:
- 1 Team Lead
- 2 Senior Incident Analysts
- 2 Medior Incident Analysts
- 4 Junior Incident Analysts
**Requirements**:
**Team Lead**:
- 5+ years of experience as an incident analyst
- 5+ years of experience in...
-
Principal Analyst
17 hours ago
Brussels, Belgium Vector Synergy Full-time
Principal Analyst (Cyber Security - Incident Coordinator)
**Location**: Brussels, Belgium
**Security Clearance**: NATO Secret
**Reference No**: C003410 / Brussels
**Skills, knowledge, experience required**:
- Knowledge of security incident management and strong ability to put the theory into practice;
- Knowledge of Splunk administration, dashboards,...
-
Cybersecurity Threat Analyst
3 weeks ago
Brussels, Belgium WhatJobs Full-time
Job Title: Cybersecurity Threat Analyst
We are seeking a highly skilled and experienced cybersecurity threat analyst to join our team. As a key member of our Computer Security Incident Response Team (CSIRT), you will play a vital role in detecting, analyzing, and responding to security incidents for our clients.
-
SOC Analyst
2 days ago
Brussels, Belgium WDS Global Limited Full-time
**Job Title: SOC Analyst**
**Job Type: Contract**
**Job Location: Brussels**
**Contract Rate: Euro 530 per day**
**Contract Length: 12 Months with Multiple extensions**
Our Client, one of the world's foremost IT Consultancies, is looking to recruit a Contract SOC Analyst to join their client in Brussels Onsite. **Client requires EU Nationals.** The...
-
SOC Analyst Level 2
2 weeks ago
Brussels, Belgium Proximus Full-time
Join Proximus Ada! Within this Proximus’ newly created center of excellence for AI and Cybersecurity, the mission of the Security Management and CSIRT teams is to protect Proximus, its customers, its business, its operations and reputation against external and internal threats. You will be fascinated by a highly dynamic environment, the strong...
-
Cyber Threat Intelligence
2 weeks ago
Brussels, Belgium EGOV Select Full-time
**Work environment**
**Task description**
The Belgian cyber strategy aims to make Belgium one of the least cyber-vulnerable countries in Europe. As a CTI analyst, you will contribute significantly to achieving this goal. Your main task as a CTI analyst is the collection, analysis and dissemination...