Computer Security Incident Response Officer

Incident handling and response

As member of a dynamic CSIRT team you will need to be able to respond adequately to cyber security incidents by working together with fellow CSIRT officers and any possible stakeholders. CSIRT members analyze, isolate and remove threats in a timely fashion and document their cases, create or improve standard operating procedures, playbooks and knowledgebase articles. CSIRT members are able to explain security threats to end-users as well as system, application and network administrators.

Threat detection and hunting

As a CSIRT professional you will be analyzing escalated incidents originating from a 3^rd party SOC service and analyze alerts from custom built tools that monitor Active Directory, public exposure and the SNCB brand and analysis of phishing emails reported to CSIRT. You will also perform threat hunting on collected data and contribute to the development of analytical rules and automation.

Vulnerability management

As a CSIRT officer you will collect the vulnerabilities on all NMBS assets, IT as well as OT, interpret and aggregate the results. You provide appropriate support to the risk and compliance teams and technical support to remediate the vulnerabilities with the help of the cyber support team.

• Bachelor's degree or equivalent experience
• 3 to 5 years of relevant experience in incident handling, vulnerability management
• Spoken and written fluency in English and Dutch and/or English and French
• Competent to analyse processes and propose improvements
• Interested in Windows and Linux operating systems, networking and applications
• Experience with security solutions like SIEM, VM, AV, IDS, EDR, …
• Keyworks like social engineering, scraping, information disclosure, brand monitoring, darkweb, … are known to you
• Understanding and an interest in different cyber-attack techniques
• Customer focus and able to handle in an organization-sensitive way
• Record of responsibility

Our client contributes to the digital transformation of the public transportation-facilities.

You will have a job with social impact and ample opportunity to make your own contribution. In addition to a good work-life balance and a market-related salary, you have:

• the possibility to work remotely for up to three days per week + flexible working hours;
• 35 days of leave;
• a company car + a public transport pass;
• a target bonus;
• a hospitalisation insurance (including dental care) for the entire family, a group insurance and a disability insurance (cafeteria plan), without own contribution;
• meal cheques and eco-vouchers;
• net allowances for remote working and carwash + internet budget.