Senior SOC Analyst - Redu, Belgium - RHEA Group

RHEA Group (verified company)
Redu, Belgium

4 weeks ago

Posted by: Sophie Dubois, beBee Recruiter


Description
Are you looking for a new opportunity in a fast-moving global company with a family feel? A job where you could have an impact?

We are looking for a Senior SOC Analyst to support RHEA's growth in Cybersecurity Operational activities.

The SOC Analyst is an operational role, focusing on real time security event monitoring and security incident investigation.

You will have the opportunity to provide expert support to RHEA Group's new European Cybersecurity Centre of Excellence in Transinne, Belgium.


About the location:

RHEA Group and partner IDELUX are creating a European Cybersecurity Centre of Excellence in Transinne, Belgium, to support and strengthen European organizations across all sectors, including defence, against the perpetual threat of attacks, and to act as a centre of excellence to ensure digital trust at all times.


This new centre will provide a unique cybersecurity ecosystem and pool of expertise in the heart of Europe to effectively address any preventive and corrective concerns and needs that European organizations may have when it comes to securing their operations, IT systems and data.


Tasks and Activities:

The scope of work will include:

  • Lead and coordinate the response to security incidents, including triage, containment, eradication, and recovery. Analyze the scope and impact of incidents, identify root causes, and develop strategies to prevent future occurrences.
  • Proactively search for advanced threats and indicators of compromise within the organization's network and systems. Utilize threat intelligence, log analysis, and other tools to identify and mitigate potential security risks.
  • Monitor and analyze network traffic and system logs using intrusion detection and prevention systems (IDS/IPS). Investigate alerts, identify potential threats, and take appropriate action to mitigate risks.
  • Analyze security events from various sources, including security information and event management (SIEM) systems, to identify patterns, trends, and potential security breaches. Conduct in-depth analysis of log data, network traffic, and system behavior to identify anomalies and indicators of compromise.
  • Create detailed incident reports, including timelines, actions taken, and lessons learned, to assist in post-incident analysis and improvement of security processes.
  • Conduct analysis of malicious files, including reverse engineering, to understand their behavior, capabilities, and potential impact on systems. Develop and implement countermeasures and remediation strategies.
  • Manage and maintain security tools such as SIEM, IDS/IPS, antivirus, and endpoint detection and response (EDR) systems. Stay updated with the latest security technologies and recommend enhancements to the security infrastructure.
  • Monitor and analyze threat intelligence sources to stay abreast of the latest threats, vulnerabilities, and attack techniques. Assess the relevance and impact of threat intelligence on the organization's security posture.
  • Provide guidance and mentorship to junior analysts, sharing knowledge and best practices. Conduct training sessions and workshops to enhance the skills of the SOC team.
  • Prepare and deliver incident reports to senior management, stakeholders, or clients, providing clear and concise information about security incidents, their impact, and recommended actions.
  • Compliance Monitoring: Assist in monitoring and ensuring compliance with relevant security frameworks, regulations, and standards (e.g., PCI DSS, GDPR, HIPAA). Participate in audits and support remediation.

Skills and Experience:

The following skills and experience are mandatory:

  • A Bachelor's degree or equivalent related experience; a qualification in cybersecurity or a demonstrated interest in the cybersecurity domain.
  • A minimum of three years' experience in a similar role and in incident handling.
  • Experience with Windows and *nix platforms.
  • Willing to follow SOC processes and procedures while maintaining the flexibility to "think outside the box".
  • Knowledge of networking protocols (TCP/IP, DNS, HTTP, SSL, PKI, RADIUS).
  • Strong written and oral communication skills.
  • Collaborative and team focused.
  • Strong analytical, critical observation skills.
  • Ability to prioritize tasks.
  • Experience in working a 24/7 shift or on-call rota.
  • Languages: English (read/write/spoken) to B2 or higher, with additional knowledge of any other European language.
  • EU National and eligible to obtain a security clearance.
The following skills and experience would be highly desirable:

  • GICSP, CISM, CISSP, CEH, CompTIA or other technical security certification.
  • Experience with O365 security monitoring.
  • Experience with SIEM tools such as QRadar, Splunk, ArcSight, Prelude, Elastic or Microsoft Sentinel.
  • Experience with Security Orchestration, Automation and Response (SOAR) tools.
  • Experience with using regular expressions and natural language queries.
  • Knowledge of common security frameworks (ISO 27001, COBIT, NIST).
  • K
