Incident Responder

2 weeks ago

Brussels, Belgium Vector Synergy Full-time

**Location**:
Brussels, Belgium

**Security Clearance**:
EU Secret

**Introduction**:
Security Incident Handling aims at providing a safe communications and information infrastructure for the Contracting EU Institutions' (EU-Is’) user community and information systems by detecting, analysing, and responding to cyber-attacks and security incidents.

This service involves security incident detection, containment, eradication, and recovery by taking action to protect systems and networks affected or threatened by intruder activity, providing solutions and mitigation strategies from relevant advisories or alerts, and defining and executing response plans and playbook entries. It also encompasses the set of standards, processes, tools, technology, and skilled staff needed to detect cyber-attacks and security incidents at the earliest stage and to respond to them efficiently.

**Skills, knowledge, experience required**:

- At least 1 certification in the field of incident handling:
  - GCIH (GIAC Certified Incident Handler);
  - GCIA (GIAC Certified Intrusion Analyst);
  - ECIH (EC-Council Certified Incident Handler);
  - CSIH (SEI Certified Computer Security Incident Handler);
  - SCPO (SABSA Certified Security Operations and Service Management Practitioner);
- Minimum 2 years’ experience in networking (TCP/IP, SNMP, DNS, Syslog-ng, etc.);
- Sound knowledge of and minimum 1 year of experience with IT security issues;
- Sound background and minimum 1 year of experience in the following areas:
  - Operating system security and working with multiple operating systems;
  - Anti-virus technologies;
  - Network security:
    - Practical level understanding of common TCP/IP-based services and protocols such as DNS, DHCP, HTTP, FTP, SSH, and SMTP;
    - Firewall theory;
    - Proxies and reverse proxies;
    - Intrusion detection systems (IDS) and intrusion prevention systems (IPS);
    - Full packet capture analysis;
  - Vulnerability assessment and handling;
  - Malware reverse engineering;
  - Handling malicious code incidents;
  - System (file and memory) and network forensics analysis with tools such as:
    - Forensic Toolkit (FTK);
    - EnCase Enterprise;
- Knowledge of development and scripting languages such as:
  - Python;
  - C/C++;
  - Java;
  - JavaScript;
  - Perl or Ruby;
  - Regular expressions;
  - Linux shell/bash;
  - MS Windows PowerShell;
- Minimum 1 year of experience with:
  - EnCase Enterprise and EnCase Cybersecurity or FTK/AccessData (AD) Enterprise or Mandiant Intelligent Response (MIR);
  - Volatility framework;
  - SIFT Workstation or The Sleuth Kit (TSK).

**Desirable**:

- At least 1 certification among the following:
  - GPEN (GIAC Certified Penetration Tester);
  - GCED (GIAC Certified Enterprise Defender);
  - GPPA (GIAC Certified Perimeter Protection Analyst);
  - GCFE (GIAC Certified Forensic Examiner);
  - GCFA (GIAC Certified Forensic Analyst);
  - GNFA (GIAC Certified Network Forensic Analyst);
  - CFCE (IACIS Certified Forensic Computer Examiner);
  - CCFP (Certified Cyber Forensics Professional);
  - SCMO (SABSA Certified Security Operations and Service Management Specialist);
- Minimum 1 year of experience with STIX (Structured Threat Information Expression) with a particular focus on the following related standards:
  - CybOX (cyber observables);
  - CAPEC (attack patterns);
  - MAEC (malware);
  - TAXII (threat information exchange).

**Duties/role**:

- Collecting from and correlating with information sources;
- Assessing incoming incident reports and performing efficient triage;
- Acknowledging alerts from/to the reporter;
- Confirming and classifying the incidents;
- Opening the incidents in the workflow system, identifying the stakeholders and notifying them;
- Assigning the case to the appropriate incident handlers and initiating the incident handling process;
- Providing continuous improvement of incident response plans and playbook entries;
- Defining and carrying out security incident identification measures;
- Overseeing the ongoing analysis activities (forensics or reverse engineering) and analysing data in order to build a comprehensive view of the incident;
- Maintaining and sharing incident documentation:
  - Elaborating the map of the attacks/incidents with tools such as MS Visio and Maltego;
  - Building a reliable timeline of the incident;
  - Maintaining a situation report using a relevant information-sharing tool (i.e. web portal, wiki);
- Defining response strategy and presenting it to Management for approval:
  - Identification, data collection and analysis;
  - Containment;
  - Eradication;
  - Recovery;
- Defining and carrying out containment, eradication, and recovery measures;
- Providing technical assistance to all stakeholders;
- Coordinating incident response;
- Participating in cyber-crisis management and coordination:
  - Preparing and maintaining action plans;
  - Drafting meeting minutes and reports;
  - Following up on the execution of actions decided by the Crisis Committee;
  - Arranging crisis logistics, including meetings;
- Examining available information a

