Position overview
- The Cyber Security Incident Response Team is a centralized security service, responsible for managing cybersecurity incidents within the group.
- The team is responsible for delivering all relevant services to mitigate an incident as quickly and efficiently as possible and to keep (higher) management updated on the progress.
- As a SIEM analyst in CSIRT you are responsible for creating and improving monitoring use cases for the various log sources that are onboarded in the SIEM.
- A strong set of data analytics skills is required for this function.
- Your main objective is to come up with actionable use cases in a security monitoring context that improve the visibility of the environment.
What you'll do
- You work actively together with the application and engineering teams on log ingestion tasks.
- You validate the content of the ingested logs at the SIEM.
- You actively collaborate with our Cyber Defense Center and threat intel team to create and improve existing monitoring use cases.
- You represent CSIRT in meetings with application stakeholders to make sure the right logs are selected and obtained by CSIRT.
- You create dashboards and reports.
- You support the blue team in their response to red team exercises.
What you bring
- Bachelor's degree in Computer science/Information security or equivalent combination of education and experience
- You have in-depth knowledge of the security aspects of Windows, Linux, internet technology and network protocols
- Similar experience within a telecommunications environment and technologies is considered of high value
- Experience with Splunk Enterprise Security is mandatory
- You have knowledge of a query language (KQL, SPL, ...)
- Experience within a SOC environment is considered of high value
- Experience with public cloud (Azure, GCP, AWS, ...) is considered of high value