About the company
Nexova is based at our new Cybersecurity Centre of Excellence in the Galaxia Business Park in Transinne, Belgium. Strategically located in the Cyber Valley at the heart of the European Union, it is dedicated to supporting critical infrastructure organisations in the secure design, operation and use of their IT and OT systems. The Centre will also serve as a focus to stimulate the convergence of institutional, academic and industrial players in the cybersecurity field. Our goal is to make cybersecurity proactive, accessible and a collective effort.
Job description
Are you looking for a new opportunity to contribute to a safer digital future? To help us enhance cyber resilience and strengthen digital trust through cutting-edge services and advanced technologies? A job adapted to your career ambitions and in which you could have an impact for the years to come?
We are looking for a SOC Analyst T2 to join our growing team in our brand-new Cybersecurity Centre of Excellence in Libin, Belgium.
The SOC Analyst - Tier 2 will be an operational role, focusing on real-time security event monitoring and security incident investigation.
The scope of work will include:
· Incident investigation: conducting in-depth investigations into security incidents escalated from Tier 1, including analysis of logs, network traffic and endpoint data.
· Advanced threat detection: utilizing advanced security tools and techniques to identify and respond to sophisticated cyber threats.
· Incident response: taking a lead role in incident response activities, coordinating with Tier 1 analysts (Tier 1 analysts primarily handle routine incidents and alerts, while Tier 2 analysts handle more complex and advanced incidents).
· Monitor and analyze network traffic and system logs using intrusion detection and prevention systems (IDS/IPS). Investigate alerts, identify potential threats, and take appropriate action to mitigate risks.
· Analyze security events from various sources, including security information and event management (SIEM) systems, to identify patterns, trends, and potential security breaches. Conduct in-depth analysis of log data, network traffic, and system behavior to identify anomalies and indicators of compromise.
· Contribute to incident reports, including timelines, actions taken, and lessons learned, to assist in post-incident analysis and improvement of security processes.
· Conduct analysis of malicious files, including reverse engineering, to understand their behavior, capabilities, and potential impact on systems. Develop and implement countermeasures and remediation strategies.
Certifications
GCIH, GICSP, CISM, CISSP, CEH, CompTIA or another security certification is an asset.
Career pathway
Cyber Incident Responder
Required experience
At least 1-3 years of related work experience
Level of studies
Bachelor's or equivalent level