Our Belgian practice is part of an EMEIA and Global cyber competency that holds over 7.000 cyber experts. We are one of the 63 Advanced Security Centers globally.
- Cyber Strategy and Resilience: Evaluate and improve our clients’ cybersecurity and resiliency program in context of the business growth and operations strategies.
- Offensive Security: Penetration testing and Red Teaming, identifying weaknesses in our clients’ IT and Technology environment.
- Defensive Security: Defensive security implementations and assessments, Blue Teaming, Incident Response, Incident monitoring. SIEM/SOC implementations. Handle security incidents with our clients, co-operating their Cyber Security Incident Response Team (CSIRT), working with Cyber Threat Intelligence and running our 24/7 Incident Response service.
- Cloud Security: Build security in our clients’ cloud solutions with focus on Security Orchestration, Automation & Response (SOAR).
- Digital Identify and Trust Services
We have ambitious plans to expand our market leading Cybersecurity practice. We continue to build our Cybersecurity practice and are looking for strong individuals with experience and expertise in cyber, more specifically in the domain of Defensive Security.
You will join a team of experts providing cybersecurity services to a wide range of clients in industry and government, both nationally and internationally. You will become part of our Defensive Security team, helping our clients improve their defensive capabilities and protect themselves against evolving threats. Depending on your level of experience also support our go-to-market and solutions in this domain.
By joining us now you will be part of our exciting growth strategy where you will get the opportunity to shape your career it in line with your own interests and aspirations.
Your key responsibilities
In this role, you will be part of the Defensive Security team, focusing on enhancing our clients' security operations and technologies. You will help build and improve defensive security capabilities as part of our project delivery, including designing and managing SIEM and SOAR solutions, conducting SOC assessments, and implementing robust security strategies.
You will also help to enhance and run our CSIRT capabilities for our clients as part of our project delivery. In case of a cyber incident, you will be part of the Incident Response team, respond to cyber incidents and perform forensics investigations.
Defensive Security Implementations & Assessments
- Analyze modern attack techniques and perform intelligence gathering on cyber adversaries
- Design, implement, and manage Security Information and Event Management (SIEM) systems to enhance security monitoring and incident detection
- Develop and deploy Security Orchestration, Automation, and Response (SOAR) solutions to streamline and automate security operations
- Evaluate and assess clients’ defensive setup to improve the effectiveness of existing security operations.
- Perform technical assessments of IT architectures, security design evaluations, network set up and logging and monitoring capabilities
- Provide guidance and training to clients on best practices for security operations, incident response, and security technology implementation
- Lead and participate in security tool evaluations and proof-of-concept projects to determine the best fit for clients' needs
CSIRT & DFIR
- Work with Cyber Threat Intelligence to finetune monitoring capabilities and to perform threat hunting as part of our clients’ CSIRT
- Build and improve CSIRT Standard Operating Procedures (SOP) and automate incident response
- Monitor and perform incident analysis and triage
- Perform incident containment, eradication and recovery
- Execute forensic data collection (evidence handling and data acquisitions) and handle the “crime scene”
- Perform forensic analysis and reporting
- Malware analysis and reverse engineering
- Report and present analysis outcome
Profile
- You have a Bachelor's or Master’s degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering or a related major.
- You have relevant experience in blue / purple teaming or CSIRT operations, more specifically defensive security implementations, security assessments, incident handling and triage, incident response, forensics or malware analysis.
- You have a strong interest in one of the 2 (or both) domains: Defensive Implementations and Assessments and CSIRT & DFIR .
- You have experience in working independently or as part of a large team to delivery cybersecurity services on its own or within large complex projects.
- Experience may include IT infrastructure, network security and EDR, XDR principles and solutions, Cyber Threat Intelligence platforms (e.g. MISP), Incident Response automation tools (e.g. The Hive), SANS SIFT and forensics acquisition and analysis tools.
- Experience with SIEM solutions and SOAR.
- Experience implementing and working with MS Defender, SentinelOne AZ Sentinel, Splunk, QRadar or similar solutions.
- You are familiar with the malware anatomy, mode of operations and Indicators of Compromise, MITRE AC&CK framework.
- You keep up-to-date with latest exploits, tactics, techniques and procedures (TTP), vulnerability remediation and security trends.
- You have knowledge of Windows, Linux, Unix and preferably some of the following: MacOS, Android, iOS and any other major operating systems.
- Knowledge of cloud technologies and Azure AD is considered a plus
- You have experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl, Ruby etc).
- Possession of relevant qualifications: GCFE, GCFA, GCT, GREM, GRID, GASF, GNFA, BTL(1,2) or similar are an asset.
- You have an analytical mindset, strive for quality and are able to work in a result-oriented environment.
- You have the ability to work both independently as well as within a team.
- You provide technical leadership and advise to other team members on defensive security.
- Fluent in either Dutch or French - Professional knowledge of English
Our Offer
A career with EY is not comparable with any other. With us, your competencies and your areas of interest will determine your future, so we offer you:
- A strong team with ambitious growth, which will allow you to work with prominent national and global organizations
- A clear career path and the opportunity to shape your own career
- A dynamic working environment, working with our experts on hot cyber topics
- Challenging project journeys and a position with a high degree of autonomy and responsibility
- An environment that continuously stimulates personal development, provides extensive trainings and renowned certifications
- Flexible working arrangements, support for a good work-life balance
- A competitive remuneration package
Here at EY, you’ll have the chance to build a truly exceptional experience. We’ll empower you with the latest technology, surround you with high-performing teams, and provide the global scale and diverse and inclusive culture you need to discover your full potential. Through our coaching and training programs, you’ll develop the skillsets you need to stay relevant today and in the future – all while building a network of colleagues, mentors, and leaders who will be on the journey with you at EY and beyond