Note: Candidates should be based in Belgium ( preferred), France or the in The Netherlands

Requested Security & Engineering Experience

• Demonstrated, hands-on experience with Database Activity Monitoring (DAM) (use-case engineering, alert tuning, operations, and stakeholder reporting).
• Demonstrated, hands-on experience with Microsoft 365 security, specifically Microsoft Purview and Microsoft Defender
• Hands-on experience with Netskope (CASB/DLP policy engineering, tenant administration, integrations, alert tuning, and BAU operations).
• Knowledge and experience in other security engineering domains is considered an added value, eg:
• Solid understanding of Windows environments, Active Directory, and identity-based controls.
• Experience evaluating and integrating security tools into complex enterprise environments.
• Microsoft Exchange Online, SharePoint Online, OneDrive, Teams
• Email security controls (eg, DMARC/DKIM/SPF, malware, spoofing, spam, TLS, S/MIME, etc.)
• Endpoint protection (eg Defender, Purview DLP, CrowdStrike, etc.)
• DLP platforms (eg, Purview DLP) and Netskope experience (CASB/DLP configuration, policy tuning, incident handling, reporting).
• SIEM/SOAR platforms for security monitoring and response (eg, Splunk, Cortex XSOAR)
• Knowledge of standard security and control frameworks such as ISO/IEC 27001/27002, NIST Cybersecurity Framework (CSF) and NIST SP 800-53, CIS Critical Security Controls (v8), and similar.
• Familiarity with threat and adversary frameworks such as MITRE ATT&CK is a plus.
• Cybersecurity training and certifications (eg, CISSP, CISM or equivalent) are a plus.
• Experience with Scripting and automation (PowerShell; Python, Shell, SQL; Microsoft Power Platform).
• Ability to design repeatable, maintainable, and auditable engineering solutions.
• Strong analytical and problem-solving skills, with the ability to address complex technical issues.
• Creative, with the ability to see the bigger picture when addressing issues.
• Proactive, service-oriented mindset with a strong sense of ownership.

Your key responsibilities & duties

1. Execute a structured handover from the current contractor and ensure continuity for the Microsoft 365 security stack (Purview, Defender) and the emerging DAM capability.
2. Provide engineering input to the DAM tooling acquisition: define requirements and success criteria; support vendor evaluation activities (eg, RFP technical inputs, demos, PoC design/execution support); and contribute to solution recommendation and implementation planning.
3. Operationalise DAM and M365 controls by implementing and tuning detections and alerting (including false-positive reduction), establishing BAU processes, and ensuring production readiness (runbooks and documentation).
4. Act as the SME for Microsoft Purview and Microsoft Defender: operate and improve controls (DLP, information protection, investigations), support stakeholders, and provide evidence for audits and governance related to in-scope controls.