Security Operations Center Analyst

Incident Responder / SOC Analyst (IRS)

Monitor the organisation’s (cyber) security state, manage incident during cyber-attacks and assure the continued operations of ICT systems.

Analyses, evaluates, and mitigates the impact of (cyber) security incidents. Restores systems’ and processes’ functionalities to an operational state according to the organisation’s Incident Response Plan.

Knowledge and skills

We need minimum 13 years of working experience plus a Bachelor in IT related field.

• Practice all technical, functional and operational aspects of (cyber)security incident handling and response.

• Work on operating systems, servers, clouds and relevant infrastructures (e.g., languages, software and emerging technologies, programming).

• Network and systems forensics. • Malware analysis. • Penetration testing. • Work under pressure. • Command, communicate and report. • Manage and analyse log files.

Technical certifications

• GIAC Certified Incident Handler (GCIH)

• GIAC Certified Forensic Analyst (GCFA)

• GIAC Network Forensic Analyst (GNFA)

• GIAC Reverse Engineering Malware (GREM)

Must be able to be on site in Brussels and also be eligible for EU clearance.

Nature of the tasks • Contribute to the development, maintenance and assessment of the Incident Response Plan.

• Develop, implement and assess procedures related to incident handling. • Identify, analyse, mitigate, and communicate (cyber) security incidents.

• Assess and manage technical vulnerabilities.

• Measure (cyber) security incidents detection and response effectiveness.

• Evaluate the resilience of the (cyber) security controls and mitigation actions taken after a (cyber) security or data breach incident.

• Adopt and develop incident handling testing techniques.

• Establish procedures for incident results analysis and incident handling reporting.

• Document incident results analysis and incident handling actions.

• Cooperate with Secure Operation Centres (SOCs) and Computer Security Incident Response Teams (CSIRTs).

• Cooperate with key personnel (e.g., CISO, Legal and compliance officer), for reporting of security incidents according to applicable legal framework (NIS, GDPR....).