Analyst & Detection Engineer L3
Function
We're seeking a highly skilled professional to join our client's dynamic team, focusing on enhancing cybersecurity measures within a critical operational environment. This role demands expertise in incident response, threat detection, and collaborative teamwork to strengthen our client’s security posture.
Responsibilities and Role
The successful candidate will take the lead in investigating complex cybersecurity incidents and will act as a key support for junior analysts. Responsibilities include:
- Leading investigations and resolving high-severity cybersecurity incidents while providing technical guidance to the team.
- Conducting thorough forensic investigations and root cause analyses.
- Performing proactive threat hunting activities, utilizing threat intelligence to identify, analyze, and respond to potential threats.
- Designing and enhancing detection mechanisms through the development of use cases and correlation rules within the Security Information and Event Management (SIEM) systems.
- Identifying gaps in current monitoring and incident response processes and contributing to the continuous improvement of playbooks and procedures.
Profile of the Ideal Candidate
The ideal candidate will be a proactive and autonomous team member with a strong background in IT security, possessing the following skills:
- A minimum of 5 years of experience in advanced incident response and malware analysis.
- Expertise in developing detection use cases and improving existing detection mechanisms to enhance threat detection accuracy.
- Solid knowledge of SIEM tools (such as Splunk and Microsoft Sentinel) and experience with scripting languages, particularly KQL.
- Strong understanding of security frameworks like MITRE ATT&CK and Cyber Kill Chain.
- Fluency in English and either Dutch or French is essential.
Additional Requirements
As this position is tied to the financial sector, candidates must be prepared to undergo a security check. The screening process may take up to 30 days, during which availability is required. Key competencies to be assessed include:
- Experience with threat hunting and incident response.
- Ability to analyze a variety of security incidents, and the methodology applied to them in previous roles.
- Understanding of the impact of advanced SOC activities in enhancing security outcomes.
Contact Person & Reference
- Reference #: INW25986
- Pieter Messely
- pieter.messely@i4m.be