AISB-848 Senior SOC Analyst / Detection Engineer

Brussels, Belgium

We are looking for a highly skilled cybersecurity professional to strengthen a Security Operations Center (SOC) by leading advanced incident investigations, improving detection capabilities, and driving proactive threat defense initiatives.

Role Overview

In this position, you will operate at the forefront of cyber defense, handling complex security incidents, guiding escalation workflows, and enhancing detection engineering across modern security platforms. You will combine deep technical expertise with a proactive mindset to improve overall SOC maturity and resilience.

Key Responsibilities

Advanced Incident Response

  • Lead investigation and resolution of high-severity and complex security incidents
  • Support escalation cases from SOC analysts (L1/L2) with expert technical guidance
  • Perform in-depth forensic analysis and root cause identification
  • Coordinate containment, eradication, and recovery activities across IT and security teams

Threat Hunting & Advanced Analysis

  • Conduct proactive threat hunting based on behavioral patterns and threat intelligence
  • Identify attacker behaviors aligned with the MITRE ATT&CK framework
  • Analyze malware, phishing campaigns, and advanced intrusion patterns
  • Investigate suspicious activity using cross-platform telemetry and logs

Detection Engineering

  • Design, build, and optimize detection rules and correlation logic across SIEM and XDR platforms
  • Improve detection quality by reducing false positives and increasing accuracy
  • Translate threat intelligence into actionable detection content
  • Validate detection effectiveness through simulations, adversary emulation, and purple team exercises

SOC Continuous Improvement

  • Identify gaps in detection coverage and incident response processes
  • Develop and enhance SOC playbooks, procedures, and automation workflows
  • Contribute to SOC metrics, reporting, and operational maturity programs
  • Mentor junior analysts and promote knowledge sharing within the SOC

Technical Environment

You will work with modern security technologies and platforms such as:

  • Microsoft Sentinel (SIEM & SOAR)
  • Microsoft Defender XDR (Extended Detection & Response)
  • Splunk (Log analysis & security monitoring)
  • Additional tools for endpoint, network, and cloud security monitoring

Required Skills & Experience

  • Strong experience in L3 SOC analysis and advanced incident response
  • Expertise in detection use case development and tuning
  • Advanced knowledge of malware analysis and threat investigation
  • Hands-on experience with SIEM/XDR platforms
  • Strong scripting capability (KQL and/or other relevant languages)
  • Experience in vulnerability management and security operations processes
  • Exposure to purple teaming and adversary simulation activities
  • Familiarity with Windows Server environments and Linux systems
  • Experience with ServiceNow or similar ITSM tools
  • Strong communication skills and ability to collaborate across technical teams

Mindset & Soft Skills

  • Highly autonomous and structured in incident handling
  • Strong analytical and problem-solving abilities
  • Proactive in identifying risks and detection gaps
  • Conscientious, responsible, and detail-oriented
  • Strong collaboration and mentoring capabilities

Languages

  • Native or bilingual level in Dutch or French
  • Professional working proficiency in English

Security Requirements

This position is subject to a mandatory security screening due to the sensitivity of the environment. Candidates must:

  • Agree to undergo a formal security clearance process
  • Remain available during the screening period (which may take several weeks)
  • Understand that contract confirmation depends on a positive clearance outcome
  • Acknowledge that loss of clearance may result in contract termination

Work Environment

  • Hybrid working model
  • Based in Brussels
  • Collaborative SOC environment focused on continuous improvement and operational excellence

Apply Now

If you are passionate about advanced cyber defense, threat hunting, and detection engineering, and you want to play a key role in strengthening SOC capabilities, we invite you to apply for this opportunity.

Join us and contribute to shaping a more resilient and proactive security posture.

by ABAKUS IT-SOLUTIONS

The opportunities are numerous, from the development of pure applications to IT infrastructure management, including design, architecture and requirements analysis.

Although ABAKUS IT-SOLUTIONS is open to the technologies used by our customers, the company mainly, but not exclusively, seeks consultants who master the following: Windows and Linux servers, networks, (JAVA, SAP, .NET, ...) as well as highly specialized experts, e.g. in cybersecurity or in content management systems (CMS) (SharePoint, Drupal, WebLogic...).

In terms of non-technical skills, ABAKUS IT-SOLUTIONS hires dynamic people who are open to the world, interested in innovation and with a strong sense of customer relations.

Very good English skills are essential; the ability to speak French, German or Dutch is an asset.

Even though most of our positions require at least 3 years of experience, some are open to newcomers.

ABAKUS IT-SOLUTIONS works either on its own premises or at our customers' sites; remote work is sometimes possible.