CSIRT Officer SAP

Brussels | Freelance | Payroll (consultancy) | English
# INW22336

Function

We’re looking for an experienced and proactive CSIRT Officer to join our client’s Cybersecurity Center of Excellence. In this role, you will contribute to the organization’s overall cyber resilience by handling security incidents, detecting and mitigating threats, and enhancing the company’s detection and response capabilities. You’ll work in a collaborative environment alongside internal teams and external security partners to ensure the highest standards of cyber defense.

Role & Responsibilities

As a CSIRT Officer, you will play a key role in security incident response, threat detection, and SIEM engineering. Your main responsibilities include:

Incident Handling & Response

  • Investigate and respond to level 3/4 cybersecurity incidents, including malware infections, intrusions, and data breaches

  • Conduct forensic analysis across IT, OT, and IoT environments

  • Collaborate closely with SOC and CSIRT teams to contain and remediate incidents

  • Develop and maintain incident response plans and procedures

  • Communicate effectively with stakeholders and report on incident progress and resolution

Threat Detection & Hunting

  • Proactively identify threats and vulnerabilities through continuous monitoring and hunting exercises

  • Analyze logs and system artifacts (Windows, Linux, network, etc.) to detect indicators of compromise

  • Work with the SOC team and external partners to investigate alerts and advise on remediation strategies

  • Develop new detection capabilities and optimize threat visibility

SIEM Engineering & Automation

  • Maintain and enhance SIEM systems to strengthen threat detection and response capabilities

  • Create and update use cases and detection rules based on the MITRE ATT&CK framework

  • Develop playbooks for the SOC and CSIRT teams to ensure consistent and efficient responses

  • Automate detection and response processes to improve operational efficiency

Projects & Continuous Improvement

  • Participate in cybersecurity-related projects, such as deploying new tools, platforms, or automation scripts

  • Contribute to process optimization and the introduction of innovative detection and response technologies

Profile

You are an analytical, solution-oriented cybersecurity professional with strong technical expertise and a hands-on approach to problem-solving. You’re passionate about cyber defense, threat hunting, and continuous improvement in incident response processes.

Required skills and experience:

  • Bachelor’s degree in Computer Science, Information Security, or equivalent experience

  • 5 to 10 years of experience in cybersecurity, focusing on incident response and analysis

  • Strong knowledge of security technologies (SIEM, EDR, intrusion detection/prevention, firewalls)

  • Experience with Sentinel SIEM, Defender, or similar tools

  • Understanding of critical infrastructure environments and SAP-related security

  • Deep understanding of networking protocols, operating systems, and cloud security concepts

  • Experience with forensic investigation, malware analysis, and SOC engineering

  • Ability to identify gaps in detection and automate alert handling

  • Certifications such as GCIH, GCFE, GCFA, GNFA, GCIA, or GREM are a plus

  • Fluent in English (spoken and written)

  • Availability for at least two days per week on-site (including Thursdays)
