The opportunity
We have ambitious plans to expand our market-leading Cybersecurity practice. We continue to build our Cybersecurity practice and are looking for strong individuals with experience and expertise in cyber, more specifically in the domain of Defensive Security.
You will join a team of experts providing cybersecurity services to a wide range of clients in industry and government, both nationally and internationally. You will become part of our Defensive Security team, helping our clients improve their defensive capabilities and protect themselves against evolving threats. Depending on your level of experience, you will also support our go-to-market and solutions in this domain.
By joining us now you will be part of our exciting growth strategy, where you will get the opportunity to shape your career in line with your own interests and aspirations.
Your key responsibilities
Taking into account your experience and maturity, your involvement will vary from assisting in delivering these projects, acting as a subject matter expert or leading a team towards excellent client experience.
In this role, you will be part of the Defensive Security team, focusing on enhancing our clients' security operations and technologies. You will help build and improve defensive security capabilities as part of our project delivery, including designing and managing SIEM and SOAR solutions, conducting SOC assessments, and implementing robust security strategies.
You will also help to enhance and run our CSIRT capabilities for our clients as part of our project delivery. In case of a cyber incident, you will be part of the Incident Response team, responding to cyber incidents and performing forensic investigations.
Defensive Security Implementations & Assessments
1. Analyze modern attack techniques and perform intelligence gathering on cyber adversaries
2. Design, implement, and manage Security Information and Event Management (SIEM) systems to enhance security monitoring and incident detection
3. Develop and deploy Security Orchestration, Automation, and Response (SOAR) solutions to streamline and automate security operations
4. Evaluate and assess clients’ defensive setup to improve the effectiveness of existing security operations.
5. Perform technical assessments of IT architectures, security design evaluations, network setup, and logging and monitoring capabilities
6. Provide guidance and training to clients on best practices for security operations, incident response, and security technology implementation
7. Lead and participate in security tool evaluations and proof-of-concept projects to determine the best fit for clients' needs
CSIRT & DFIR
8. Work with Cyber Threat Intelligence to finetune monitoring capabilities and to perform threat hunting as part of our clients’ CSIRT
9. Build and improve CSIRT Standard Operating Procedures (SOP) and automate incident response
10. Monitor and perform incident analysis and triage
11. Perform incident containment, eradication and recovery
12. Execute forensic data collection (evidence handling and data acquisitions) and handle the “crime scene”
13. Perform forensic analysis and reporting
14. Malware analysis and reverse engineering
15. Report and present analysis outcome
Profile
16. You have a Bachelor's or Master’s degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering or a related major.
17. You have relevant experience in blue / purple teaming or CSIRT operations, more specifically defensive security implementations, security assessments, incident handling and triage, incident response, forensics or malware analysis.
18. You have a strong interest in one of the 2 (or both) domains: Defensive Implementations and Assessments and CSIRT & DFIR.
19. You have experience in working independently or as part of a large team to deliver cybersecurity services on their own or within large complex projects.
20. Experience may include IT infrastructure, network security and EDR, XDR principles and solutions, Cyber Threat Intelligence platforms (MISP), Incident Response automation tools (TheHive), SANS SIFT and forensics acquisition and analysis tools.
21. Experience with SIEM solutions and SOAR.
22. Experience implementing and working with MS Defender, SentinelOne, AZ Sentinel, Splunk, QRadar or similar solutions.
23. You are familiar with malware anatomy, modes of operation, Indicators of Compromise and the MITRE ATT&CK framework.
24. You keep up to date with the latest exploits, tactics, techniques and procedures (TTP), vulnerability remediation and security trends.
25. You have knowledge of Windows, Linux, Unix and preferably some of the following: MacOS, Android, iOS and any other major operating systems.
26. Knowledge of cloud technologies and Azure AD is considered a plus
27. You have experience with scripting / programming (Python, PowerShell, Java, Perl, Ruby, etc.).
28. Possession of relevant qualifications (GCFE, GCFA, GCT, GREM, GRID, GASF, GNFA, BTL(1,2) or similar) is an asset.
29. You have an analytical mindset, strive for quality and are able to work in a result-oriented environment.
30. You have the ability to work both independently as well as within a team.
31. You provide technical leadership and advice to other team members on defensive security.
32. Fluent in either Dutch or French - Professional knowledge of English
Our Offer
A career with EY is not comparable with any other. With us, your competencies and your areas of interest will determine your future, so we offer you:
33. A strong team with ambitious growth, which will allow you to work with prominent national and global organizations
34. A clear career path and the opportunity to shape your own career
35. A dynamic working environment, working with our experts on hot cyber topics
36. Challenging project journeys and a position with a high degree of autonomy and responsibility
37. An environment that continuously stimulates personal development and provides extensive training and renowned certifications
38. Flexible working arrangements, support for a good work-life balance
39. A competitive remuneration package
Here at EY, you’ll have the chance to build a truly exceptional experience. We’ll empower you with the latest technology, surround you with high-performing teams, and provide the global scale and diverse and inclusive culture you need to discover your full potential. Through our coaching and training programs, you’ll develop the skillsets you need to stay relevant today and in the future – all while building a network of colleagues, mentors, and leaders who will be on the journey with you at EY and beyond.