Unisys
Cyber Security Engineer
Unisys | Luxembourg | 13 days ago
Contract | Information Technology

Our client is a Cyber Security Operations Centre with a mission to strengthen the IT Security for the whole organization.

The main objectives of the sector are to provide secure, scalable, and sustainable services that support the cybersecurity functions of the unit.

The client’s Endpoint Security Solutions (ESS) team is managing a cybersecurity service bundle. This bundle includes threat detection, alert handling, and incident response services.


The unit is looking for a hands-on Cybersecurity Engineer. The consultant will provide support and work with platforms such as Endpoint Detection and Response (EDR) and the Cloud-native Application Protection Platform (CNAPP), among others.


Contract type: Freelancer, with an initial contract duration of 110 days, and the possibility for renewal based on performance.


Location: Luxembourg City, with a required on-site office presence at the institution’s office.


Key responsibilities:

• Provide technical support to customers (system administration teams) in deploying and maintaining EDR and CNAPP agents in enterprise environments, including:

o On-premises and public cloud environments.

o Client & server endpoints (physical hosts, VMs, VDIs, and containers)

o Various operating systems (Windows, Linux, and macOS)

• Test, maintain, and document security policies for EDR and CNAPP.

• Liaise with infrastructure teams and vendors to ensure the uptime and maintenance of EDR and CNAPP tools and services.

• Contribute to the improvement of services by testing, maintaining, and documenting security policies and procedures for EDR and CNAPP.

• Define and enforce custom security policies for containers, hosts, and orchestrators (e.g., Kubernetes)

• Conduct regular audits and assessments of security posture.

• Integrate EDR and CNAPP tools with other security tools and platforms to enhance overall security posture and security operations resilience.

• Monitor the performance of EDR and CNAPP tools and optimize configurations to ensure minimal impact on system resources while maintaining robust security.


Key requirements:

• Hands-on experience with evaluating, deploying, configuring, troubleshooting and maintaining EDR and CNAPP solutions.

• Hands-on experience with virtualization/containers (e.g. Kubernetes).

• Hands-on experience with SIEM integration, configuration, and advanced usage.

o Expertise in Splunk Enterprise will be a strong advantage.

• Solid experience in troubleshooting complex operations incidents by analysing system logs.

• Hands-on experience and training in Carbon Black Cloud, Sysdig and equivalent solutions is essential for this position.

• Hands-on experience with SOAR technology (e.g. XSOAR)

• In-depth knowledge of scripting languages such as Bash, PowerShell and Python.

• In-depth knowledge of threat detection and incident response service specificities and technical dependencies.

• In-depth knowledge of evaluating and comparing EDR and CNAPP solutions.

• In-depth knowledge of IAM

• Solid experience in project leadership and reporting, dependency planning,

• Understanding of Security principles, especially in cloud environments

• Solid experience in a security engineering role, particularly in cloud-native environments.

• Proficiency in troubleshooting networking issues (connectivity, routing, etc.).

• Service delivery and SLA driven mentality, without compromising cybersecurity coverage.

• Familiarity with vulnerability management processes

• Certifications in Cybersecurity (CISSP, Security+), Networking (Cisco CCNA, CCNP), Service Management (ITIL)

• Ability to cope with fast-changing technologies used in EDR and CNAPP context.

• Ability to integrate in an international/multicultural environment, rapid self-starting capability and experience in working in a team;

• Ability to establish trusting relationships with counterparts in partnering organizations;

• Possesses a higher level of education relevant to the area of expertise.

Eligible and willing to undergo an EU LEVEL SECRET security clearance.
