CSIRT Cyber Security Engineer
Posted on May 5, 2020 by Gazelle Global Consulting
Junior + Senior Cyber Security Engineer | Anderlecht, Brussels | Minimum of 6 months contract + likely extension | Excellent hourly rate
The CSIRT Cyber Security Engineer will join the CISO S&S (Solutions and Services) team within our client's CISO organization (Cyber and Information Security Office).
The CSIRT Cyber Security Engineer is responsible for processing proactive alerts and handling reported cyber security incidents, both from a technical perspective, within the NMBS organization (including its affiliates).
Within the CSIRT environment my client has multiple tools and solutions in place that help us to identify potential cyber security incidents and risks. Building these tools and solutions is not in scope, but you are in direct contact with the CSIRT build team to provide first-hand info on how to optimize, tune and extend these platforms.
It is, however, our responsibility to process the output and act accordingly. You will need to evaluate the alerts reported by those systems, determine whether each one is a false positive, and take the appropriate action. In case of a false positive, feedback to the BUILD team or modifications to the configuration are needed. In case of a true positive, technical actions or coordination with the internal teams must be performed to ensure the problem is scoped, contained and remediated.
Reported cyber security incidents:
The CSIRT works closely with the SOC team: where they provide an L1 and L2 service, you act as L3.
This means that after the SOC has performed a classification and first inspection of the reactive log, the CSIRT Cyber Security Engineer will handle all the tickets where in-depth technical knowledge, investigation or coordination is required.
You will be responsible for re-analysing the provided info. Based on that you will collaborate on the containment, remediation and recovery of all systems and solutions that are part of the company's organization. Your goal must be to solve as many tickets as possible yourself or, where needed, to take the lead in coordinating the technical work with the internal teams.
* Bachelor's degree or equivalent experience
* 1 to 3 years of relevant experience in incident handling
* Knowledge of networking and security protocols like TCP, UDP, VPN, VLAN, BGP
* Understanding of security solutions like proxy, mail relays, FW rulebases, endpoint anti-virus configurations, SIEM, IDS/IPS
* Keywords like social engineering, scraping, information disclosure, brand monitoring and darkweb are not new to you
* Able to solve technical problems yourself or to work in close collaboration with other technical profiles to address those problems as a team
* Customer focus and able to act in an organization-sensitive way
* Record of responsibility
* Spoken and written fluency in English, and Dutch or French
* Passive understanding of Dutch and French
Shortlisting immediately, phone interview today.
This role is suitable for a Cyber Security Engineer (English, French or Dutch-speaking) in Anderlecht, Brussels, who is looking to work in a fun and professional team within a successful multinational company.
If you are thinking about what to do next, apply now and attach your CV and we will be in touch as soon as possible.