Computer Security Incident Response Team

Job Title: Medior /Senior CSIRT Core Team Member

Location: Belgium (Zaventem)

Company: Thales Cyber Solutions Belgium

Job Overview:

We are looking for skilled Medior or Senior CSIRT Core Team Members to join our Computer Security Incident Response Team (CSIRT). This role is responsible for processing security incidents, managing customer requests, and maintaining compliance with security protocols. This position is ideal for an individual with solid analytical and problem-solving skills who can work autonomously within a structured environment.

Key Responsibilities:

Incident Management & Analysis:

• Process security incidents, including CVE publications, extracting Indicators of Compromise (IoCs) from malware, log mining, forensic investigations, breach analysis, and malicious document review.
• Autonomously handle documented response procedures, from analysis to reporting, for host compromises and other security concerns.
• Perform daily security surveys and notification reviews as needed, ensuring timely incident response.

Customer Support & Ticket Management:

• Manage and respond to all customer requests related to Thales Cyber Solutions Belgium's cybersecurity products.
• Coordinate and oversee incident, change, and use-case tickets with the appropriate teams.
• Occasionally perform the triage role to prioritize and address urgent security issues.

Change Management & Consultancy:

• Conduct Incident Response Preparation Assessments and deliver on missions for clients, providing audit and consultancy support when required.
• Participate in promoting CERT-XLM and engage with the wider CERT community, contributing to mandatory industry events.

Project Work & Self-Development:

• Work independently on assigned projects with autonomy.
• Dedicate one day per month to application issue resolution and self-training on defined cybersecurity topics.

General Responsibilities:

• Adhere to the CSIRT Code of Practice (CCoP) and comply with all relevant data protection regulations.
• Securely handle forensic acquisitions, maintain accurate MS Dynamics records, and keep skill matrices and documentation up to date.
• Follow structured reporting processes and validate publications as per organizational standards.

Information Security Responsibilities:

• Ensure continuous confidentiality of customer data and comply with corporate security policies.
• Conduct incident forensic analysis exclusively on designated devices, upholding data protection protocols.

Qualifications & Skills:

• Minimum 3 years of professional experience in cybersecurity.
• Proven analytical and problem-solving abilities in handling security incidents
• Strong organizational skills with a systematic approach to documentation and adherence to best practices
• Proficient communication skills in French or Dutch, and English
• Ability to remain calm and maintain a professional attitude under pressure
• Team player capable of guiding junior consultants and trainees
• Commitment to continuous development of both technical and interpersonal skills

Preferred Certifications:

• GIAC Security Essentials Certification (GSEC)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Incident Handler (GCIH)
• GIAC Network Forensic Analyst (GNFA)
• GIAC Reverse Engineering Malware (GREM)
• eLearnSecurity Certified Professional Penetration Tester (eCPPT)

Why Join Thales Cyber Solutions Belgium?

At Thales Cyber Solutions Belgium, we foster a culture of innovation, autonomy, and commitment to excellence in cybersecurity. Join us to be part of a team where your expertise and insights can make a meaningful impact. Enjoy ongoing professional development opportunities and the chance to work with some of the best minds in the industry.

We strive for security & privacy. Supported by a talented cyber army, we continuously provide you with a wide range of tailored cybersecurity solutions. From consulting to 24/7 monitoring services via our C-SOC cybersecurity platform and a rapid response to an incident we offer "security as a service.

How to Apply:

If you're ready to make a difference in cybersecurity, please apply with your resume and our HR Officer will reach out to you ASAP!