Are you looking for a new opportunity to contribute to a safer digital future? To help us enhance cyber resilience and strengthen digital trust through cutting-edge services and advanced technologies? A job adapted to your career ambitions and in which you could have an impact for the years to come?
We are looking for a SOC Analyst Tier 3 (T3) to join and lead our growing team in our brand-new Cybersecurity Centre of Excellence in Libin, Belgium.
The SOC Analyst - Tier 3 is an operational role, focusing on real-time security event monitoring and security incident investigation.
About the client and location
Nexova is based at our new Cybersecurity Centre of Excellence in the Galaxia Business Park in Libin, Belgium. Strategically located in the Cyber Valley at the heart of the European Union, it is dedicated to supporting critical infrastructure organisations in the secure design, operation and use of their IT and OT systems.
The Centre will also serve as a focus to stimulate the convergence of institutional, academic and industrial players in the cybersecurity field. Our goal is to make cybersecurity proactive, accessible and a collective effort.
Tasks and Activities
The scope of work will include:
* Incident response: leading and orchestrating the response to complex and advanced security incidents, guiding Tier 1 and Tier 2 analysts in resolution efforts.
* Threat hunting: proactively searching for signs of advanced persistent threats within the environment, utilizing advanced techniques and tools.
* Malware analysis: analysing and dissecting malware to understand its functionality, origins and potential impact.
* Collaboration with external entities: engaging with external cybersecurity entities, law enforcement and industry partners for intelligence sharing and collaboration.
* Monitor and analyze network traffic and system logs using intrusion detection and prevention systems (IDS/IPS).
* Investigate alerts, identify potential threats, and take appropriate action to mitigate risks.
* Analyze security events from various sources, including security information and event management (SIEM) systems, to identify patterns, trends, and potential security breaches.
* Conduct in-depth analysis of log data, network traffic, and system behaviour to identify anomalies and indicators of compromise.
* Perform vulnerability assessments and penetration tests to identify weaknesses in systems and applications.
* Coordinate with system owners and stakeholders to prioritize and remediate vulnerabilities.
* Create detailed incident reports, including timelines, actions taken, and lessons learned, to assist in post-incident analysis and improvement of security processes.
* Conduct analysis of malicious files, including reverse engineering, to understand their behaviour, capabilities, and potential impact on systems.
* Develop and implement countermeasures and remediation strategies.
* Provide guidance and mentorship to junior analysts, sharing knowledge and best practices.
* Conduct training sessions and workshops to enhance the skills of the SOC team.
* Compliance monitoring: assist in monitoring and ensuring compliance with relevant security frameworks, regulations, and standards (e.g., PCI DSS, GDPR, HIPAA).
* Participate in audits and support remediation.
Skills and Experience
The following skills and experience are mandatory:
* A Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience).
* More than 4 years of experience in a SOC environment, as a SOC analyst or similar role.
* Advanced cybersecurity knowledge: In-depth understanding of cybersecurity concepts, threat landscapes and mitigation strategies.
* Technical expertise: proficiency in utilizing advanced security tools, SIEM tools and other cybersecurity technologies.
* Proficiency in utilizing and analysing Endpoint Detection and Response (EDR) tools such as Cisco AMP and SentinelOne.
* Knowledge of defence in depth, network analysis tools, endpoint security and commercially used tools for incident response and threat analysis.
* Proficient in gathering and analysing threat intelligence to enhance proactive threat hunting.
* Capability to perform behavioural analysis of malware and anomalous activities within the network.
* Expertise in conducting detailed root cause analysis to identify the source and impact of security incidents.
* Incident handling: experience in leading and coordinating incident response efforts.
* Team coordination: the ability to lead and work seamlessly with other SOC team members and cross-functional teams.
* Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Incident Handler (GCIH), or equivalent.
* Eligible to undergo the ESA and EU secret security clearance procedure.
* Fluent in English, both written and spoken.
The following skills and experience would be desirable:
* Other technical security certifications such as GICSP, CISM, CEH or CompTIA.
* Experience with O365 security monitoring.
* Experience with SIEM tools such as QRadar, Splunk, ArcSight, Prelude, Elastic or MS Sentinel.
* Experience with Security Orchestration, Automation and Response (SOAR) tools.
* Scripting (automation) and familiarity with Cloud (AWS/Azure).