Security Analyst

The Contraste Europe Group builds strong relations with its clients. It offers a range of IT services such as Advisory, Solutions, Applications and Infrastructure. The Group’s sector focus is on finance, utilities, public institutions and non-commercial organisations. We operate in three countries: Belgium, Luxembourg and France.

For one of our major clients in the financial sector, we are looking for a Security Analyst.

Category

Infrastructure Services

Function

Consultant (Specialist)
Infrastructure Architect
Security Engineer
System Engineer / Administrator

Language(s)

Dutch
English
French

Reference

190517/01

Location

Brussels - Belgium

We offer

  • A challenging position in a fast-growing company with an international presence.
  • A stimulating working environment with a really good team spirit maintained by lots of internal events (teambuilding, ...).
  • A dynamic culture focused on personal development.
  • A wide range of training and career development opportunities.

Your profile

  • Ideal candidates should be knowledgeable in the areas of networking and client/server technologies.
  • Must display enthusiasm and interest in Information Security
  • Process and Procedure adherence
  • Ability to trace down an endpoint on the network
  • Ability to make information security risk determinations
  • Familiarity with system log information and what it means
  • General Desktop OS and Server OS knowledge
  • General knowledge of TCP/IP, Internet Routing, UNIX / LINUX & Windows NT
  • Understanding of common network services (web, mail, DNS, authentication)

Nice to have:

  • 2+ years of prior experience in a similar position
  • Experience with QRadar SIEM and other modules
  • Knowledge of network security zones, firewall, IDS
  • Knowledge of log formats for syslog, HTTP logs, DB logs and how to gather forensics for traceability back to the event
  • Experience with log management or security information management tools
  • Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat)
  • Passion and drive to work in a young division with potential of significant growth in scope and services
  • Possess good logical and analytical skills to help in analysis of security events/incidents
  • Ability to interact with staff, peers and customers on a technical and professional level
  • Effective verbal and written communication skills
  • Able to learn a lot in a limited period, self-study oriented
  • English mandatory (fluent), and French or Dutch additionally

Overtime Required:

  • 24x7 coverage - on an as-needed basis

Your role

Your main responsibilities:

  • Monitor computer security events according to documented procedures and industry best practices, acting as the first line of defence in protecting our information systems from internal and external threats
  • Be part of the SOC team that runs 24x7, on a rotating shift schedule
  • Monitoring of security events received through alerts from SIEM or other security tools
  • Performing 1st level triage of incoming alerts
  • Provide initial investigation of security alerts
  • Review alerts escalated by end users
  • Provide limited response to end users for low complexity security questions/alerts
  • Monitoring of alert and downstream dependencies health
  • Notifying appropriate contact for security events and response
  • Work assigned ticket queue
  • Escalating issues when necessary
  • Manage communication with higher tiers on escalated issues
  • Performing administrative tasks per management request (ad-hoc reports / trainings)
  • Create playbooks for rule investigation
  • Provide use case creation/tuning recommendations to the Security Intelligence team based on findings during investigations