Senior Security Engineer

External Advertisement

What does the function entail in general? 
You will be working in our Security Operations Center.
1.    Operational security management

  • Detection of security threats, using tools (e.g. EDR), a central logging and alert system (SIEM), and issues reported by KBC employees via our mailbox.
  • Analysis of security threats in cooperation with other technical teams and the (business) information security officers.
  • We take countermeasures to address possible vulnerabilities and reduce our risk.
  • We work together with many teams to discuss the different threats that could affect their technologies. Analysis of those threats results in defining scenarios and developing use cases based on the logged data of their systems.
  • Help think about how the tracking and monitoring of our systems is set up to detect threats.
  • Make sure that all data needed for detecting those threats is available in our systems.

2.    Application management of the systems used by the SOC team itself.

Key duties and responsibilities:
•    Developing and testing new use cases for the automatic detection of suspicious behavior on our systems;
•    Adapting and optimizing existing use cases to the ever-changing behavior of hackers;
•    Finding the root cause of security alerts using extra contextual information such as server/system log files and the knowledge you have of attack methods, attackers and threats;
•    Thinking with security architects and analysts on how we can improve our security monitoring and take it to the next level;
•    Helping fine-tune and test our security alerts and incident/response procedures;
•    Reporting to system managers and managers about security incidents and the preventive measures and countermeasures to be taken, in language they can understand;
•    Improving existing processes to prevent problems and avoid risks;
•    Preparing the SOC for a new threat detection landscape on our endpoints.

Your qualifications?

  • We are looking for a senior profile. You have worked in a Security Operations Center before.
  • Security driven: you have a keen eye for cyber security risks, how to recognize them and how to prevent them.
  • You are a good communicator.
  • You have good analytical skills to help analyze security events and incidents, and you are strong in conceptual thinking.
  • You have experience in mentorship and coaching
  • You have a broad view of IT operating systems and middleware (Windows, Unix, Linux, databases) and networks
  • You have good knowledge of malware types and cyber-attack techniques (the kill chain)
  • You have experience with cloud applications (Azure, Azure AD or AWS)
  • You have experience with security tooling for detection and analysis
  • You have experience with incident response
  • You have experience with network security, firewalls and IDS

Recruiter Name

Dobrin Stefanov Yanev

Contract Type:  Full-time
Level of Experience:  3. Senior (> 5 years)
Job requisition ID:  82497