About this role
Do you want to be a part of one of the fastest-growing and largest Security Operations Centers in Europe? Do you have a passion for Cyber Security, especially advanced Managed Detection & Response (MDR)? Does Incident Response, Digital Forensics, Threat Hunting, Threat Intelligence and everything related to Cyber Security feel like second nature to you? Are you a Cyber Defender at heart, driven to strengthen the blue team and help organizations that are under attack? If you answered yes to all of these questions, you might be the perfect fit for our CSIRT Analyst role. You handle security alerts/incidents that have been escalated by the SOC Analysts (Tier 2) You conduct DFIR assignments, including DFIR readiness assessments You participate in the weekly Threat Hunting duty to proactively chase threats through novel Tools, Techniques & Procedures (TTPs) You will perform compromise assessments to identify potential compromises and their scope You collect Threat Intelligence (IOCs and TTPs) You will contribute to Detection Engineering in SIEM, xDR, … Together with the Red Team you will do Purple Teaming exercises to test and improve defenses You contribute to the creation of playbooks in SOAR You will co-write processes and procedures related to DFIR, Threat Intelligence, Threat Hunting, … You will be part of our Incident Response on call service. Profile You have at least 3-5 years of experience in a similar position You have a bachelor or master degree or equivalent through experience You are able to perform forensically sound acquisition, parsing and analysis of disk, memory images, forensic artifacts and logs in order to rebuild the timeline of events for a cybersecurity incident. Extensive hands-on experience in this domain of expertise is mandatory You have experience and/or interest in working with the following MDR tools: EDR (CrowdStrike Falcon, MS Defender for Endpoint, Sentinel One, ...), NDR (Vectra, Darktrace, ...), xDR (CrowdStrike Identity Protection, MS Defender for Office/Clouds Apps/Identity/...) As an analyst or engineer, you already have a good knowledge of Security Monitoring with SIEM technologies You are passionate about the following security capabilities: Security Monitoring, Digital Forensics, Incident Response, Threat Intelligence, Threat Hunting, ... You have a hands-on and proactive mindset with a 'can do' mentality You speak and write English fluently.