SOC Analyst @ Itsme

AMKP04235

Function

Purpose of the position

Itsme faces continuous threats from malicious actors seeking unauthorized access to sensitive information. The company's commitment to security is not only a regulatory necessity but also an integral part of delivering a reliable and secure digital identity solution to their users, due to the sensitive nature of a significant portion of their data and services. The SOC Analyst plays a pivotal role in proactively identifying and mitigating these threats through continuous monitoring, incident response, informing stakeholders and intelligence sharing. The SOC Analyst will actively handle emerging threats, minimize security attacks, prevent leaks and develop robust strategies to counter emerging cyber threats. The imperative is to insource Security Operations for the critical parts of the solution to reduce reliance on external partners in order to enhance security and safety, making growth crucial in achieving these objectives.

Tasks and responsibilities

The primary focus of the SOC Analyst includes three key priorities:

  • Blue Teaming – Triage Queue: The analyst will actively engage in blue teaming activities, particularly in managing and prioritizing the triage queue. This involves the assessment and categorization of security incidents for effective response.
  • Threat Hunting: Conducting proactive threat hunting activities to identify potential security threats and vulnerabilities before they manifest into incidents. This involves exploring systems and networks to detect hidden threats.
  • Detection and Monitoring of Current Systems: The SOC Analyst will play a crucial role in the ongoing detection and monitoring of existing systems. This includes continuous surveillance to identify and respond to any suspicious or malicious activities in real-time and define new use cases for monitoring and detection.

Other tasks will be:

  • Vulnerability management: The SOC Analyst will provide support for complex exploitation and defense techniques, incident response and remediation; conduct comprehensive system monitoring; identify vulnerabilities; offer support and expertise in designing secure solutions and protection strategies, as well as audits of information security infrastructure.
  • Technical support: Technical support for continuous monitoring and system operations, particularly in target identification and profiling, will be a key responsibility. The SOC Analyst will also provide technical support for forensic services, including evidence seizure.
  • Researching current trends: Furthermore, the SOC Analyst will conduct research and stay adept in open-source and commercial computing resources for exploitation, attack techniques, procedures, and trends.

Profile

Background and experience

  • A bachelor’s degree or equivalent experience.
  • At least 3 years of relevant experience.
  • A strong background in blue teaming and defensive cybersecurity operations is essential.
  • Experience in incident response is the most important aspect.
  • Familiarity with vulnerability management is required.
  • Proficiency in Azure or Microsoft family incident response is required.
  • Experience with Splunk is highly valued.
  • Understanding of different EDR systems (endpoint, Office365, cloud) is important, including how to read logs from these technologies.
  • A basic understanding of what to look for regarding malware is part of the blue team scope.
  • Experience with frameworks like NIST and MITRE ATT&CK is required.

Nice-to-have experience and skills:

  • Experience with scripting, particularly Python.
  • Familiarity with Palo Alto SOAR (XSOAR).
  • Knowledge of MISP.
  • Experience in pen testing.
  • Some competence in threat hunting, especially proactive hunting (100% cloud, Azure technology would be the best, but all cloud is good).
  • Threat intelligence processing.
  • Identity and access management is good to have.
  • Certifications such as the 508 (incident response part) or MAD20 are good-to-have but not mandatory.
  • Willingness to acquire new knowledge (as Itsme heavily invests in training and certifications).

Languages

  • You are fluent in English.
  • You are fluent in Dutch and/or French. 

Offer

  • Autonomously make decisions during incident responses. This role requires individuals who can confidently navigate and react to potentially hazardous situations without supervision.
  • Itsme provides a platform for progression from blue teaming to purple and red teaming. The emphasis is on rapid technical learning and extensive training opportunities.
  • The company encourages substantial horizontal growth, allowing individuals to diversify their skills and responsibilities.
  • A fun, enthusiastic and ambitious team in a fast-moving scale-up environment with offices in Brussels, combined with flexibility in terms of remote working.
  • A fixed contract, with an attractive compensation package.
  • Be a part of their national and international growth.

 

Amon is the exclusive recruitment partner for this position.

If interested, please do not hesitate to contact Micha Van De Vijver, mvd@amon.be.

 


Belgian Mobile ID, known for its successful app itsme®, is a Belgian scale-up and pioneer in digitalization. In 2017, Belgian Mobile ID united the seven Belgian market leaders from the banking and telecommunications sector: Belfius, BNP Paribas Fortis, KBC, ING and Orange Belgium, Proximus and Telenet. Through joint efforts, they developed itsme®, Belgium's official mobile identity. With this mobile identity app, every Belgian citizen can identify him/herself when logging into digital applications, when approving (payment) transactions and even when signing official documents. Card readers, passwords or cards with tokens are no longer required. itsme® guarantees secure identification through the combination of the itsme® app, the user’s mobile phone and the user’s unique itsme® PIN or biometric identification. itsme® is recognized as a Level of Assurance ‘High’ e-identification means, and as a ‘qualified’ trust services provider for electronic signatures in the eIDAS regulation, which means that the app complies with the highest security levels.

The number of users of the identity app itsme® continues to rise. In one year, 700,000 itsme® accounts were added, a growth of 11%. Today, 7 million Belgians already use the itsme app to identify themselves, confirm transactions and sign documents online, and they do so remarkably often: an average of 47 actions per person per year, or almost 1 per week. Today, itsme® is already available in Belgium and 13 other European countries!

Belgian Mobile ID closed partnerships with more than 800 companies, both in public and private sectors. The government is counted as one partner in this total amount, with more than 2.000 platforms. Although itsme® is mainly used for government purposes and in the banking, insurance and telecommunications sector, the importance of the app is increasing in other sectors as well. Examples of other industries are the gaming industry (e.g. Napoleon Games), HR sector, hospitals, mobility services, …
