What You'll Do
In this role, you will lead technical aspects of security operations projects, guiding the integration of log sources and shaping detection strategies tailored to client environments. You'll develop correlation rules informed by threat intelligence, troubleshoot data flow issues across systems, and contribute to robust incident response planning. Your work will ensure security monitoring platforms are effectively configured and aligned with operational needs.
You will create detailed technical playbooks, support automation efforts, and maintain awareness of evolving SOC technologies and attack trends. Collaboration with clients and vendors will be key as you help onboard new data sources and refine detection capabilities.
Requirements
- Citizenship in one of the 32 NATO member states
- Proven experience with Azure Sentinel and the Microsoft Security ecosystem, or comparable SIEM platforms such as Elastic, Splunk, or LogPoint
- Solid background in developing and tuning detection rules using SIEM query languages
- Familiarity with Sigma and YARA rule formats for threat detection
Preferred Qualifications
- Minimum of two years in a SOC Analyst role, with hands-on involvement in playbook development and incident handling
- Working knowledge of Dutch or French is advantageous
Benefits
- Access to deep technical security certifications including GSE, GXPN, GREM, GCFA, and OSCP
- Training budget of 10,000 EUR and 10 days of dedicated learning time over two years
- Flexible working hours and options for remote work, including temporary work from within the EU
- Personal coaching focused on career growth and well-being
- Regular team events and opportunities to engage with experts in the cybersecurity community
- Reimbursement for Deutschlandticket and BahnCard 50 1st Class
- Business bike leasing program
- Company pension plan
- 30 days of annual leave
