Important: Applicants must have full rights as Belgian citizens or have been living for 5-10 years in Belgium as a resident to be considered for this role.
Location: Based in Belgium, able to come to the office once a week.
SIEM analyst
We are looking for someone who has experience as a detection analyst or with creating detection rules, and who has worked in a SOC before.
Your Profile:
Bachelor’s degree in Computer science/Information security or equivalent combination of education and experience.
Experience with Splunk Enterprise Security is mandatory.
You have in-depth knowledge of the security aspects of Windows, Linux, internet technology and network protocols.
You have knowledge of a query language (KQL, SPL, ...).
Experience within a SOC environment is considered of high value.
Experience with public cloud (Azure, GCP, AWS, ...) is considered of high value.
Your role:
You work actively together with the application and engineering teams on log ingestion tasks.
You validate the content of the logs ingested into the SIEM.
You actively collaborate with our Cyber Defense Center and threat intel team to create and improve existing monitoring use cases.
You represent CSIRT in meetings with application stakeholders to make sure the right logs are selected and obtained by CSIRT.
You are flexible and a strong team player.
You have great communication skills.
You show integrity & trust while managing confidential information.
Mastery of English is a must for the position. Speaking French and/or Dutch is a plus but not mandatory.