Incident handling and response
As a member of a dynamic CSIRT team you will need to be able to respond adequately to cyber security incidents by working together with fellow CSIRT officers and any possible stakeholders. CSIRT members analyze, isolate and remove threats in a timely fashion, document their cases, and create or improve standard operating procedures, playbooks and knowledge base articles. CSIRT members are able to explain security threats to end-users as well as system, application and network administrators.
Threat detection and hunting
As a CSIRT professional you will analyze escalated incidents originating from a third-party SOC service, alerts from custom-built tools that monitor Active Directory, public exposure and the SNCB brand, and phishing emails reported to CSIRT. You will also perform threat hunting on collected data and contribute to the development of analytical rules and automation.
As a CSIRT officer you will collect the vulnerabilities on all NMBS assets, IT as well as OT, interpret and aggregate the results. You provide appropriate support to the risk and compliance teams and technical support to remediate the vulnerabilities with the help of the cyber support team.
Our client contributes to the digital transformation of public transportation facilities.
You will have a job with social impact and ample opportunity to make your own contribution. In addition to a good work-life balance and a market-related salary, you have: