24x7 Secure operations centre analyst

External Staff

COOP - Cooperation
FORCE

What we propose

Our Secure Operations Centre (SOC) Team is responsible for monitoring available information sources for indications of compromise of the Union entities, our constituents. Analysts in the team triage the incoming information and, if necessary, investigate incidents before passing them to the DFIR team if needed.

We are currently looking for 24x7 SOC Analysts to join the team and support round-the-clock security monitoring and incident response. This role involves working in shifts to ensure continuous coverage and rapid response to potential threats. Candidates will be employed as external contractors, meaning they will work as external service providers rather than direct employees of CERT-EU.

  • Work with other SOC experts all closely cooperating as a team, coordinated by the SOC Team Leader, who reports to the Head of Sector
  • Monitor security alerts and triage them
  • Seek to improve the detection rules and processes aiming at increasing the efficiency and performance of the team
  • Develop their skills as well as learn new ones through a comprehensive training programme involving both internal and external training.

If you have experience in security operations and are ready to contribute to a 24x7 security monitoring team, we’d love to hear from you!

Who we look for

The selected candidate should have experience in IT security and must possess knowledge in the following areas:

  • Experience with Splunk, MS Defender for Endpoints, MS Defender 365, MS Sentinel
  • Some experience in vulnerability assessments and penetration testing
  • Knowledge of Windows, Linux, and macOS operating systems
  • Log management and analysis tools
  • Tools for packet capture and analysis such as Wireshark or tcpdump
  • Web security including understanding of the underlying protocols
  • Scripting experience, particularly using JavaScript, Python, and PowerShell
  • Using and configuring sandboxes
  • Cyber-threat intelligence sharing, using MISP in particular
  • Use of incident management tools.

The selected candidate should also demonstrate the following skills:

  • A high level of customer orientation
  • Strong analytical and problem-solving skills, including the ability to deal with a large amount of information in a limited time
  • Ability to establish and maintain effective working relations with coworkers in an international and multi-disciplinary work environment
  • A high degree of commitment and flexibility
  • Excellent communication skills in English, both orally and in writing
  • A focus on constant learning and improvement of technical and personal skills
  • Experience with a vast array of IT technologies and the ability to quickly master new ones.

The candidate must be a national of one of the Member States of the European Union and hold a security clearance at EU SECRET level or be in a position to be security cleared.

What we offer

  • A friendly and multicultural workplace
  • A stimulating and unique environment where personal development, growth and initiative are encouraged
  • Working with a supportive and dynamic team with a deep sense of mission

Please note that the position is based in Brussels, Belgium. However, partially remote work might be possible, with some obligations to come to the office when necessary.

If so, then apply!

  • Send an email to secretariat@cert.europa.eu with your CV (and a motivation letter if possible). Please provide the title of the position you are applying for in the subject of your email.
  • If your skill set matches the requirements, we will contact you for an informal interview to introduce you to CERT-EU, get to know you better and answer questions you might have.
  • If the informal interview goes well, we will then invite you for a formal interview in view of a possible recruitment.
