Incident Responder
3 weeks ago
**Location**:
Brussels, Belgium
**Introduction**:
Security Incident Handling aims at providing a safe communications and information infrastructure for the Contracting EU Institutions' (EU-Is’) user community and information systems by detecting, analysing, and responding to cyber-attacks and security incidents.
This service involves security incident detection, containment, eradication, and recovery by taking action to protect systems and networks affected or threatened by intruder activity, providing solutions and mitigation strategies from relevant advisories or alerts, and defining and executing response plans and playbook entries. It also encompasses the set of standards, processes, tools, technology, and skilled staff needed to detect cyber-attacks and security incidents at the earliest stage and to respond to them efficiently.
**Skills, knowledge, experience required**:
- At least 1 certification in the field of incident handling:
  - GCIH (GIAC Certified Incident Handler);
  - GCIA (GIAC Certified Intrusion Analyst);
  - ECIH (EC-Council Certified Incident Handler);
  - CSIH (SEI Certified Computer Security Incident Handler);
  - SCPO (SABSA Certified Security Operations and Service Management Practitioner);
- Minimum 2 years' experience in networking (TCP/IP, SNMP, DNS, Syslog-ng, etc.);
- Sound knowledge of and minimum 1 year of experience with IT security issues;
- Sound background and minimum 1 year of experience in the following areas:
  - Operating system security and working with multiple operating systems;
  - Anti-virus technologies;
  - Network security:
    - Practical understanding of common TCP/IP-based services and protocols such as DNS, DHCP, HTTP, FTP, SSH, and SMTP;
    - Firewall theory;
    - Proxies and reverse proxies;
    - Intrusion detection systems (IDS) and intrusion prevention systems (IPS);
    - Full packet capture analysis;
  - Vulnerability assessment and handling;
  - Malware reverse engineering;
  - Handling malicious code incidents;
  - System (file and memory) and network forensics analysis with tools such as:
    - Forensic Toolkit (FTK);
    - EnCase Enterprise;
- Knowledge of development and scripting languages such as:
  - Python;
  - C/C++;
  - Java;
  - JavaScript;
  - Perl or Ruby;
  - Regular expressions;
  - Linux shell/bash;
  - MS Windows PowerShell;
- Minimum 1 year of experience with:
  - EnCase Enterprise and EnCase Cybersecurity, or FTK/AccessData (AD) Enterprise, or Mandiant Intelligent Response (MIR);
  - Volatility framework;
  - SIFT Workstation or The Sleuth Kit (TSK).
**Desirable**:
- At least 1 certification among the following:
  - GPEN (GIAC Certified Penetration Tester);
  - GCED (GIAC Certified Enterprise Defender);
  - GPPA (GIAC Certified Perimeter Protection Analyst);
  - GCFE (GIAC Certified Forensic Examiner);
  - GCFA (GIAC Certified Forensic Analyst);
  - GNFA (GIAC Certified Network Forensic Analyst);
  - CFCE (IACIS Certified Forensic Computer Examiner);
  - CCFP (Certified Cyber Forensics Professional);
  - SCMO (SABSA Certified Security Operations and Service Management Specialist);
- Minimum 1 year of experience with STIX (Structured Threat Information Expression), with a particular focus on the following related standards:
  - CybOX (cyber observables);
  - CAPEC (attack patterns);
  - MAEC (malware);
  - TAXII (threat information exchange).
**Duties/role**:
- Collecting information from, and correlating it with, information sources;
- Assessing incoming incident reports and performing efficient triage;
- Acknowledging alerts to the reporter;
- Confirming and classifying the incidents;
- Opening the incidents in the workflow system, identifying the stakeholders and notifying them;
- Assigning the case to the appropriate incident handlers and initiating the incident handling process;
- Providing continuous improvement of incident response plans and playbook entries;
- Defining and carrying out security incident identification measures;
- Overseeing the ongoing analysis activities (forensics or reverse engineering) and analysing data in order to build a comprehensive view of the incident;
- Maintaining and sharing incident documentation:
  - Elaborating the map of the attacks/incidents with tools such as MS Visio and Maltego;
  - Building a reliable timeline of the incident;
  - Maintaining a situation report using a relevant information sharing tool (e.g. web portal, wiki);
- Defining the response strategy and presenting it to Management for approval:
  - Identification, data collection and analysis;
  - Containment;
  - Eradication;
  - Recovery;
- Defining and carrying out containment, eradication, and recovery measures;
- Providing technical assistance to all stakeholders;
- Coordinating incident response;
- Participating in cyber-crisis management and coordination:
  - Preparing and maintaining action plans;
  - Drafting meeting minutes and reports;
  - Following up on the execution of actions decided by the Crisis Committee;
  - Arranging crisis logistics, including meetings;
- Examining available information and supporting evidence or artefacts