Senior Security Analyst @ Itsme
AMKP04278
Functie
Itsme faces continuous threats from malicious actors seeking unauthorized access to sensitive information. The company's commitment to security is not only a regulatory necessity but also an integral part of delivering a reliable and secure digital identity solution to their users, due to the sensitive nature of a significant portion of their data and services. The Security Analyst plays a pivotal role in proactively identifying and mitigating these threats through continuous monitoring, incident response, informing stakeholders and intelligence sharing. The Security Analyst will actively handle emerging threats, minimize security attacks, prevent leaks and develop robust strategies to counter emerging cyber threats. The imperative is to insource Security Operations for the critical parts of the solution  to reduce reliance on external partners in order to enhance security and safety, making growth crucial in achieving these objectives.Â
The primary focus of the Security Analyst includes three key priorities:
- Blue Teaming – Triage Queue: The analyst will actively engage in blue teaming activities, particularly in managing and prioritizing the triage queue. This involves the assessment and categorization of security incidents for effective response.
- Threat Hunting: Conducting proactive threat hunting activities to identify potential security threats and vulnerabilities before they manifest into incidents. This involves exploring systems and networks to detect hidden threats.
- Detection and Monitoring of Current Systems: The Security Analyst will play a crucial role in the ongoing detection and monitoring of existing systems. This includes continuous surveillance to identify and respond to any suspicious or malicious activities in real-time and define new use cases for monitoring and detection.
Other tasks will be:
- Vulnerability management: The Security Analyst will provide support for complex exploitation and defense techniques, incident response and remediation; conduct comprehensive system monitoring; identify vulnerabilities; offer support and expertise in designing secure solutions and protection strategies, as well as audits of information security infrastructure.
- Technical support: Technical support for continuous monitoring and system operations, particularly in target identification and profiling, will be a key responsibility. The Security Analyst will also provide technical support for forensic services, including evidence seizure.
- Researching current trends: Furthermore, the Security Analyst will conduct research and stay adept in open-source and commercial computing resources for exploitation, attack techniques, procedures, and trends.
Profiel
Background and experience
- A bachelor’s degree or equivalent experience.
- At least 5 years of relevant experience.
- A strong background in blue teaming and defensive cybersecurity operations is essential.
- Experience in incident response is the most important aspect.
- Experience in SOC engineering, specifically with setting up new tools and integrations, and project ownership.
- Familiarity with vulnerability management is required.
- Proficiency in Azure or Microsoft family incident response is required.
- Experience with Splunk is highly valued.
- Understanding of different EDR systems (endpoint, Office365, cloud) is important, including how to read logs from these technologies.
- A basic understanding of what to look for regarding malware is part of the blue team scope.
- Experience with frameworks like NIST and MITRE ATT&CK is required.
Nice-to-have experience and skills:
- Experience with scripting, particularly Python.
- Familiarity with Palo Alto SOAR (XSOAR).
- Knowledge of MISP.
- Experience in pen testing.
- Capable of some competence in thread hunting, especially proactive hunting (100% cloud, Azure technology would be the best, but all cloud is good).
- Threat intelligence processing.
- Identity and access management is good to have.
- Certifications such as the 508 (incident response part) or MAD20 are good-to-have but not mandatory.
Competences
- You take ownership of your tasks, reach out to your colleagues and can act as a go-to-person
- You have an open and flexible mindset; you are able to easily adapt to changing contexts
- You are able to think strategically and maintain a helicopter view
- You are curious
- You are eager to continually acquire new knowledge (as Itsme heavily invests in training and certifications)
Languages
- You are fluent in English. Dutch and/or French are a plus.
Aanbod
Senior Security Analyst @ Itsme
Belgian Mobile ID, known for the innovative itsme® app, is one of Europe's fastest-growing scale-ups. In 2017, itsme was founded through a unique collaboration of seven Belgian market leaders from the banking and telecommunications sectors with a clear mission: to offer a state-of-the-art digital identity solution to everyone, enabling secure and seamless interaction in the digital space.
itsme® has fundamentally changed digital interaction in Belgium and has grown into the country's official mobile identity. With the itsme® app, citizens can securely identify themselves, approve transactions, and even digitally sign official documents, without the need for card readers, passwords, or tokens. Today, this results in overwhelming success, with usage by 7 million citizens (more than 80% of the adult population in Belgium). More than 1 million actions are performed daily, and the app has been successfully launched in 26 European countries with the ambition to become an international leader.
The itsme® solution guarantees the highest security through the unique combination of the app, the mobile phone, and biometric or PIN identification. The service is recognized with the Level of Assurance 'High' e-identification means and as a 'qualified' provider of trust services for electronic signatures in the eIDAS regulation, which ensures the strictest security requirements and legal validity.
Whatsapp op jouw computer?
