Digital Forensics and Incident Response Analyst

3 weeks ago

Brussels, Belgium · CERT-EU · Full-time

Contract Agent Function Group IV - DFIR

**What we propose**:
Our Digital Forensics and Incident Response (DFIR) Team has the responsibility for monitoring available information sources for indications of compromise of the EU institutions, bodies and agencies, our constituents. Analysts in the team triage the incoming information, and, if necessary, investigate incidents and coordinate the full response process.

We are currently looking for a DFIR Analyst to join the team in order to:

- Work with other DFIR experts, each one predominantly focused on the specific security domain for which they are most competent, but all closely cooperating as a team, coordinated by the DFIR Team Leader, who reports to the Head of CERT-EU
- Monitor security alerts and triage them
- Analyse logs, perform forensics analysis of disk and memory images and draft incident reports
- Seek to improve tools and processes aiming at increasing the efficiency and performance of the team
- Develop their skills as well as learn new ones through a comprehensive training programme involving both internal and external trainings.

**Who we look for**:

- Vulnerability assessments and penetration testing
- Knowledge of Windows, Linux, and macOS operating systems
- Log management and analysis tools
- Tools for packet capture and analysis such as Wireshark or tcpdump
- Web security including understanding of the underlying protocols
- Static artefact analysis including debugging, code de-obfuscation, and reverse engineering basics
- Scripting experience, particularly using JavaScript, Python, and PowerShell
- Using and configuring sandboxes such as Cuckoo, FireEye, etc.
- Memory forensics tools such as Volatility
- Disk forensics tools, such as EnCase, FTK, the SleuthKit, RegRipper, etc.
- Cyber-threat intelligence sharing, using MISP in particular
- Use of incident management tools.
- A high level of customer orientation
- Strong analytical and problem solving skills, including the ability to deal with a large amount of information in a limited time
- Ability to establish and maintain effective working relations with coworkers in an international and multi-disciplinary work environment
- A high degree of commitment and flexibility
- Excellent communication skills in English, both orally and in writing
- A focus on constant learning and improvement of technical and personal skills
- Experience with a vast array of IT technologies and the ability to quickly master new ones.

**What would make you stand out**:

- Work experience in a complex public sector environment
- Experience with Splunk
- General security certifications (e.g. CISSP)
- Certification in a Project Management methodology (e.g. PMI, Prince2) and/or in service management (e.g. ITIL)
- Experience in delivering trainings and public presentations.

**What we offer**:

- A friendly and multicultural workplace
- A stimulating and unique environment where personal development, growth and initiative are encouraged
- Continuous learning opportunities
- Working with a supportive and dynamic team with a deep sense of mission
- Flexible scheduling with the possibility to work from home on a part-time basis
- An attractive salary.

Consult the Jobs at the European Commission page for more information on the working conditions. Please note that **the position is based in Brussels, Belgium**. Full remote work is not possible at this time.

**Are you eligible**:
To apply, you have to:

- Be a national of one of the Member States of the European Union
- Be able to provide a certificate of good conduct
- Have fulfilled any legal obligations related to military service
- Be able to produce evidence of thorough knowledge of one of the official EU languages (level C1) and satisfactory knowledge of a second official EU language (level B2).

Additionally, to be recruited as a contract agent, you must have:

- For function groups II and III:
  - a level of post-secondary education attested by a diploma, or
  - a level of secondary education attested by a diploma giving access to post-secondary education, and appropriate professional experience of at least three years, or
  - professional training or professional experience of an equivalent level, where justified in the interest of the service.
- For function group IV:
  - a level of education which corresponds to completed university studies of at least three years attested by a diploma, or
  - professional training of an equivalent level, where justified in the interest of the service.

**If so, then apply**:

- If your skill-set matches the requirements, we will contact you for an informal interview to introduce you to CERT-EU, get to know you better and answer questions you might have
- If the informal interview goes well, you will need to take a CAST test. Worry not, our wonderful secretariat will supply all the necessary information
- Once you succeed in the CAST test, we will then invite you for a formal interview in view of a possible recruitment.

