About the company
Nexova is based at our new Cybersecurity Centre of Excellence in the Galaxia Business Park in Transinne, Belgium. Strategically located in the Cyber Valley at the heart of the European Union, it is dedicated to supporting critical infrastructure organisations in the secure design, operation and use of their IT and OT systems.
The Centre will also serve as a focus to stimulate the convergence of institutional, academic and industrial players in the cybersecurity field. Our goal is to make cybersecurity proactive, accessible and a collective effort.
The Centre will also serve as a focus to stimulate the convergence of institutional, academic and industrial players in the cybersecurity field. Our goal is to make cybersecurity proactive, accessible and a collective effort.
Job description
Are you looking for a new opportunity to contribute to a safer digital future? To help us enhance cyber resilience and strengthen digital trust through cutting-edge services and advanced technologies? A job adapted to your career ambitions and in which you could have an impact for the years to come?
We are looking for SOC Analyst T3 to join and lead our growing team in our brand-new Cybersecurity Centre of Excellence in Libin, Belgium.
The SOC Analyst - Tier 3 will be an operational role, focusing on real time security event monitoring and security incident investigation.
The scope of work will include:
· Incident response: leading and orchestrating the response to complex and advanced security incidents, guiding Tier 1 and Tier 2 analysts in resolution efforts.
· Threat hunting: proactively searching for signs of advanced persistent threats within the environment, utilizing advanced techniques and tools.
· Malware analysis: analysing and dissecting malware to understand its functionality, origins and potential impact.
· Collaboration with external entities: engaging with external cybersecurity entities, law enforcement and industry partners for intelligence sharing and collaboration.
· Monitor and analyze network traffic and system logs using intrusion detection and prevention systems (IDS/IPS). Investigate alerts, identify potential threats, and take appropriate action to mitigate risks.
· Analyze security events from various sources, including security information and event management (SIEM) systems, to identify patterns, trends, and potential security breaches. Conduct in-depth analysis of log data, network traffic, and system behavior to identify anomalies and indicators of compromise.
· Perform vulnerability assessments and penetration tests to identify weaknesses in systems and applications. Coordinate with system owners and stakeholders to prioritize and remediate vulnerabilities.
· Create detailed incident reports, including timelines, actions taken, and lessons learned, to assist in post-incident analysis and improvement of security processes.
· Conduct analysis of malicious files, including reverse engineering, to understand their behavior, capabilities, and potential impact on systems. Develop and implement countermeasures and remediation strategies.
· Provide guidance and mentorship to junior analysts, sharing knowledge and best practices. Conduct training sessions and workshops to enhance the skills of the SOC team.
· Compliance Monitoring: Assist in monitoring and ensuring compliance with relevant security frameworks, regulations, and standards (e.g., PCI DSS, GDPR, HIPAA). Participate in audits and support remediation.
We are looking for SOC Analyst T3 to join and lead our growing team in our brand-new Cybersecurity Centre of Excellence in Libin, Belgium.
The SOC Analyst - Tier 3 will be an operational role, focusing on real time security event monitoring and security incident investigation.
The scope of work will include:
· Incident response: leading and orchestrating the response to complex and advanced security incidents, guiding Tier 1 and Tier 2 analysts in resolution efforts.
· Threat hunting: proactively searching for signs of advanced persistent threats within the environment, utilizing advanced techniques and tools.
· Malware analysis: analysing and dissecting malware to understand its functionality, origins and potential impact.
· Collaboration with external entities: engaging with external cybersecurity entities, law enforcement and industry partners for intelligence sharing and collaboration.
· Monitor and analyze network traffic and system logs using intrusion detection and prevention systems (IDS/IPS). Investigate alerts, identify potential threats, and take appropriate action to mitigate risks.
· Analyze security events from various sources, including security information and event management (SIEM) systems, to identify patterns, trends, and potential security breaches. Conduct in-depth analysis of log data, network traffic, and system behavior to identify anomalies and indicators of compromise.
· Perform vulnerability assessments and penetration tests to identify weaknesses in systems and applications. Coordinate with system owners and stakeholders to prioritize and remediate vulnerabilities.
· Create detailed incident reports, including timelines, actions taken, and lessons learned, to assist in post-incident analysis and improvement of security processes.
· Conduct analysis of malicious files, including reverse engineering, to understand their behavior, capabilities, and potential impact on systems. Develop and implement countermeasures and remediation strategies.
· Provide guidance and mentorship to junior analysts, sharing knowledge and best practices. Conduct training sessions and workshops to enhance the skills of the SOC team.
· Compliance Monitoring: Assist in monitoring and ensuring compliance with relevant security frameworks, regulations, and standards (e.g., PCI DSS, GDPR, HIPAA). Participate in audits and support remediation.
Certifications
Certified Information Systems Security Professional (CISSP), Certified Incident Handler (GCIH), or equivalent.
Other technical security certifications like GICSP, CISM, CEH, COMPTIA or other technical security certification would be desirable.
Other technical security certifications like GICSP, CISM, CEH, COMPTIA or other technical security certification would be desirable.
Career pathway
Cyber Incident Responder
Required experience
At least 5-10 years of experience in the field
Level of studies
Bachelor's or equivalent level
