SOC Tier 3 / Team Lead

Are you looking for a new opportunity to contribute to a safer digital future? To help us enhance cyber resilience and strengthen digital trust through cutting-edge services and advanced technologies? A job adapted to your career ambitions and in which you could have an impact for the years to come?

We are looking for a SOC Tier 3 to join and lead our growing team in our brand-new Cybersecurity Centre of Excellence in Libin, Belgium.

The SOC Tier 3 will be an operational role, focusing on real time security event monitoring and security incident investigation. As a Team Lead, you will help your colleagues develop their skills, enhance processes, and optimize SOC operations. For that, you will work closely with the SOC manager.

About the client and location

Nexova is based at our new Cybersecurity Centre of Excellence in the Galaxia Business Park in Libin, Belgium. Strategically located in the Cyber Valley at the heart of the European Union, it is dedicated to supporting critical infrastructure organisations in the secure design, operation and use of their IT and OT systems.

The Centre will also serve as a focus to stimulate the convergence of institutional, academic and industrial players in the cybersecurity field. Our goal is to make cybersecurity proactive, accessible and a collective effort.

Tasks and Activities

The scope of work will include:

• Serving as the Tier 3 line in SOC operations, including incident response, incident escalations, expert reaction, incident closures and root cause analysis
• Be the SOC manager’s right hand in terms of technical implementation, readiness, assessment of services, and support
• Helping your colleagues with processes and optimizations related to monitoring, threat hunting, malware analysis, sandboxing, and automation.
• Engaging with external cybersecurity entities, law enforcement and industry partners for intelligence sharing and collaboration.
• Foreseeing in-depth analysis of log data, network traffic, and system behavior to identify anomalies and indicators of compromise.
• Assisting with vulnerability assessments and penetration tests
• Assisting in creating detailed incident reports, including timelines, actions taken, and lessons learned.
• Ensuring compliance with relevant security frameworks
• Developing and implementing countermeasures and remediation strategies.
• Providing guidance and mentorship to junior analysts, sharing knowledge and best practices.
• Participating in audits and supporting remediation.

Skills and Experience

The following skills and experience are mandatory:

• A Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience).
• At least 4 years of experience in a SOC environment.
• Advanced cybersecurity knowledge: In-depth understanding of cybersecurity concepts, threat landscapes and mitigation strategies.
• Technical expertise: proficiency in utilizing advanced security tools, SIEM tools and other cybersecurity technologies.
• Knowledge of defence in depth, network analysis tools, endpoint security and commercially used Tools for Incident Response and Threat Analysis.
• Proficient in gathering and analysing threat intelligence to enhance proactive threat hunting.
• Expertise in conducting detailed root cause analysis to identify the source and impact of security incidents.
• Incident handling: experience in leading and coordinating incident response efforts.
• Team coordination: the ability to lead seamlessly with other SOC team members and cross-functional teams.
• Eligible to undergo the ESA and EU secret security clearance procedure.
• Fluent in English, both written and spoken.

The following skills and experience would be desirable:

• Knowledge of French and/or Dutch.
• Technical security certifications such as GICSP, CISM, CEH, COMPTIA or equivalent.
• Experience with O365 Security Monitoring.
• Experience with SIEM and SOAR tools.
• Knowledge of different on-premises and cloud architectures used in SOC services.

Proficiency in utilizing advanced security tools, SIEM tools and other cybersecurity technologies.