Security Operations Centre Analyst

2 days ago

Brussels, Belgium · Vector Synergy · Full-time

**Location**:
Brussels, Belgium
**Security Clearance**:
EU Secret
**Introduction**:
One of our clients is currently looking for a Splunk expert to provide professional services as the first line of response to a potential cyber-attack or security incident.
**Skills, knowledge, experience required**:

- Minimum 3 years' experience with Splunk;
- At least 1 certification among the following:
  - GPEN (GIAC Penetration Tester);
  - GCED (GIAC Certified Enterprise Defender);
  - GPPA (GIAC Certified Perimeter Protection Analyst);
  - GCFE (GIAC Certified Forensic Examiner);
  - GCFA (GIAC Certified Forensic Analyst);
  - GNFA (GIAC Network Forensic Analyst);
  - CFCE (IACIS Certified Forensic Computer Examiner);
  - CCFP (Certified Cyber Forensics Professional);
  - SCMO (SABSA Certified Security Operations and Service Management Specialist);
- Minimum 3 years' experience in networking (TCP/IP, SNMP, DNS, syslog-ng, etc.);
- Minimum 2 years' experience using, configuring and tuning a security information and event management (SIEM) tool;
- Knowledge of, and minimum 2 years' experience with, the following network security solutions and technologies:
  - Firewalls;
  - Network intrusion detection systems (IDS) and intrusion prevention systems (IPS);
  - Switches and routers;
  - Advanced persistent threat (APT) detection solutions such as FireEye;
  - DNS, DHCP, VPN;
  - Network forensics (full packet capture);
  - Traffic baselining analysis;
- Knowledge of, and minimum 2 years' experience with, the following host-based security solutions:
  - Host-based intrusion prevention systems (HIPS);
  - Endpoint malware protection;
  - Operating system logs;
- Strong knowledge of, and minimum 3 years' experience in:
  - MS Windows security event analysis;
  - Security analysis of firewall, proxy and IDS logs;
  - Security analysis of application and middleware logs (Oracle HTTP Server, Apache HTTP Server, Oracle WebLogic Server);
- Minimum 1 year of experience in writing and optimising:
  - IDS signatures (preferably Snort and/or Suricata);
  - YARA rules;
- Minimum 3 years' experience with SIEM tools such as:
  - HP ArcSight Enterprise Security Manager (ESM) 6.x;
  - IBM QRadar SIEM;
- Minimum 2 years' experience with:
  - Snort or Cisco Sourcefire Next-Generation IPS (NGIPS);
  - Cisco FireSIGHT;
  - Check Point and Juniper firewalls;
  - Blue Coat proxies.

**Desirable**:

- Minimum 2 years' experience with STIX (Structured Threat Information Expression), with a particular focus on the following related standards:
  - CybOX (cyber observables);
  - CAPEC (attack patterns);
  - MAEC (malware);
  - TAXII (threat information exchange);
- Minimum 1 year of experience with:
  - Suricata or Stamus Networks;
  - ELK stack (Elasticsearch, Logstash and Kibana);
  - FireEye (EX, NX, AX, FX, HX, IX).

**Duties/role**:

- Supervising and reporting on the SOC implementation, based on the configuration of Splunk as the SIEM;
- Providing real-time monitoring of cyber-defence and intrusion detection systems;
- Performing automated processing (centralisation, filtering and correlation) of security events;
- Conducting analyst-driven review of automatically correlated events;
- Processing incoming warnings, alerts and reports;
- Performing triage based on verification, level of exposure and impact assessment;
- Categorising events, incidents and vulnerabilities by relevance, exposure and impact;
- Opening tickets and ensuring case management;
- Activating the initial response plan based on standard playbook entries;
- Maintaining the incident response address book (contact list);
- Advising affected users on the appropriate course of action;
- Monitoring open incident and vulnerability tickets from start to resolution;
- Escalating unresolved problems to higher levels of support, including the Incident Response and Vulnerability Mitigation teams;
- Configuring the SIEM components for optimal performance;
- Improving correlation rules so that the monitoring policy allows efficient detection of potential incidents;
- Analysing risks and security policy requirements, and translating them into technical events targeting the system components;
- Identifying the logs, files or artefacts to collect from the monitored system and, where necessary, the complementary devices to deploy;
- Elaborating the relevant detection and correlation rules, and implementing them in the SIEM infrastructure;
- Configuring and tuning cyber-defence solutions;
- Reviewing and improving the monitoring policy on a regular basis;
- Integrating cyber-defence solutions for efficient detection;
- Defining dashboards and reports for reporting on KPIs;
- Producing qualified reports (including recommendations) or alerts for SOC customers and following up on actions;
- Contributing to the design of the overall monitoring architecture, in close relationship with the customers and system owners on one hand, and the Security Operations Engineering team on the other hand, by performin


  • Security Operations Analyst

    2 weeks ago

    Brussels, Belgium · Luminus · Full-time

    Publication date: 22 August 2024 - Brussels - Open-ended contract. In today's landscape of escalating digital complexity and cybersecurity threats, a Security Operations Analyst plays a crucial role in safeguarding Luminus assets. The Security Operations Analyst is responsible for cyber incident response and the operations, monitoring and administration of a...

  • Security Analyst

    2 weeks ago

    Brussels, Belgium · Proximus Group · Full-time

    Are you passionate about #AI or #cybersecurity? Do you love working with high-profile teams with a sure taste for challenge and variety? Do you dream of joining a fast-growing company with a start-up mentality? Eager to learn continuously? Join Proximus Ada! Within this newly created Proximus centre of excellence for AI and Cybersecurity, the mission of the...

  • Security Operations Analyst

    4 weeks ago

    Brussels, Belgium · Luminus · Full-time

    Are you ready to take on the challenge of protecting critical digital assets in an ever-evolving cybersecurity landscape? At Luminus, we're looking for a proactive Security Operations Analyst to monitor, respond to, and prevent cybersecurity threats while driving innovation and collaboration. What You'll Do: Monitor and respond to security events, alerts, and...


  • Security Analyst

    3 weeks ago

    Brussels, Belgium · Vector Synergy · Full-time

    **Location**: Brussels, Belgium **Introduction**: One of our clients is currently looking for a Security Analyst in information system security. The client's infrastructure is supported by Corporate ITIC services. However, some specific local needs require the design, setup and administration of an ad-hoc solution at client level. The main focus of the...


  • Brussels Metropolitan Area, Belgium · Fujitsu · Full-time

    For one of our customers in Brussels, Fujitsu is looking for a Security Operation Center Analyst. Start: ASAP. PO of 1 year (extension possible). The National Bank of Belgium is an institution that works towards the stability of the financial system and the reliability of the institutions operating within it. The National Bank contributes to creating a climate of...


  • Brussels, Belgium · Apollo Solutions · Full-time

    IT Security Analyst (fluent in French or Dutch). Location: Brussels (hybrid 50/50). Contract duration: 12 months. Start date: January 2025. Rate: up to €700 per day. I am currently seeking a skilled IT Security Analyst for an exciting 12-month freelance opportunity with my leading financial services client in...

  • Security Analyst

    3 weeks ago

    Brussels, Belgium · Isabel · Full-time

    Job description: As a leading business in secure financial transaction processing, security is at the core of Isabel. The Infrastructure Security Analyst plays an important role in Isabel's Operational Security team to ensure the confidentiality, integrity and availability of all Isabel information. The Infrastructure Security Analyst will provide specialist...



  • Cyber Security Analyst

    1 week ago

    Brussels, Belgium · AT Recruitment · Full-time

    **Job description**: Our client is a global player in the aviation sector. More specifically, they develop software solutions for, among other things, air traffic control, gates and airfield ground lighting. The company is active in 55 countries worldwide, and Belgium is one of its largest sites. You will join the site...


  • Security Analyst

    1 week ago

    Brussels, Belgium · Proximus Group · Full-time

    A job at Proximus? You'll find that everything revolves around the idea 'Think Possible'. This means we always assume that something is possible, even if it seems impossible. Well, especially so, actually. Call it a way of thinking that involves being open to a world of digital solutions that make our lives easier. And our way of working...

  • SOC Analyst

    3 weeks ago

    Brussels, Belgium · WDS Global Limited · Full-time

    **Job Title: SOC Analyst** **Job Type: Contract** **Job Location: Brussels** **Contract Rate: EUR 530 per day** **Contract Length: 12 months with multiple extensions** Our client, one of the world's foremost IT consultancies, is looking to recruit a contract SOC Analyst to join their client in Brussels, on site. **Client requires EU nationals.** The...


  • Brussels Metropolitan Area, Belgium · Cyberr · Full-time

    Information Security and Compliance Analyst. Languages: English and French. Location: Belgium. As an Information Security and Compliance Analyst (ISCA), you will play a key role in strengthening cybersecurity standards across our Belgium and Netherlands operations. You will work closely with internal stakeholders to ensure data protection, compliance with...

  • Security Engineer/Analyst

    4 weeks ago

    Brussels, Belgium · Tessenderlo Group · Full-time

    Company description: Tessenderlo Group (Euronext: TESB) is a global industrial group that focuses on agriculture, valorising bio-residuals, machinery, mechanical engineering, electronics, energy, and industrial solutions for water management. With headquarters in Belgium, the group is active in over 100 countries and we have a global team of more than 7,500...

  • Security Operations Engineer

    3 weeks ago

    Brussels, Belgium · In4Matic · Full-time

    Function: We're looking for a skilled security engineer to join our client's team, where you'll play a key role in securing their infrastructure and optimising security operations. If you have a passion for operational security, monitoring and incident response, this is your chance to make a real impact! Your role: You'll be responsible for installing,...

  • Security Officer

    4 days ago

    Brussels, Belgium · SNCB · Full-time

    Your added value for our customers? As a Security Officer, you ensure the safety of customers, passengers and staff on the railway domain. What is your role at SNCB? As a Security Officer, you work within the Security Operations Center (SOC), which manages security incidents on the railway...


  • Brussels, Belgium · Ageas · Full-time

    Our organisation: Ageas is a listed international insurance group with a heritage spanning 200 years, offering retail and business customers life and non-life insurance, and is also engaged in reinsurance activities. As an international insurance company, Ageas concentrates its activities in Europe and Asia through a combination of wholly owned subsidiaries...

  • Network Operations Centre

    3 weeks ago

    Brussels, Belgium · Fluxys · Full-time

    Network Operations Centre (NOC) Team Leader. Fluxys is an international energy infrastructure group with 1,300 employees active in gas transmission and storage and liquefied natural gas terminalling. As a purpose-led company, we're committed to fast-tracking the shift to a carbon-neutral world. We explore new technologies and invest in infrastructure to...