Technical Team Lead – CSIRT JP054310
Posted on: 11 days ago
Vacancies: 1 Vacancy
Job Summary
Technical Team Lead CSIRT (Cyber Security Incident Response Team)
We are seeking an experienced Technical Team Lead to lead a growing CSIRT team responsible for cyber security monitoring, incident response, threat detection, and security operations.
Key Responsibilities
- Lead and manage the CSIRT team, including planning, prioritization, and capability development.
- Design, implement, and maintain CSIRT infrastructure, including SIEM, SOAR, and Cyber Threat Intelligence (CTI) platforms.
- Develop and automate security processes using Python and other scripting languages.
- Implement and manage open-source security tools and monitoring solutions.
- Coordinate incident response activities, including triage, forensic investigations, root cause analysis, and remediation.
- Design and implement security monitoring controls to protect critical systems.
- Analyze security logs, investigate incidents, and prepare technical reports.
- Monitor vulnerabilities, assess their impact, and support remediation efforts.
- Track and analyze cyber threat intelligence feeds and emerging threats.
- Maintain technical documentation, procedures, and operational playbooks.
- Define and report on CSIRT performance metrics, KPIs, and service effectiveness.
- Support escalations, change activities, and collaboration with internal stakeholders.
Required Qualifications
- Minimum 7 years of experience in a similar cyber security leadership or incident response role.
- Strong expertise in Security Operations, Incident Response, Digital Forensics, Malware Analysis, Vulnerability Management, and Blue Team operations.
- Extensive experience with SIEM technologies, particularly Splunk Enterprise Security.
- Experience securing mobile applications on iOS and Android platforms.
- Strong understanding of encryption, compliance, and security governance in highly regulated environments.
- Proficiency in Enterprise Linux and scripting languages such as Python and PowerShell.
- Experience analyzing emerging vulnerabilities and assessing organizational risk.
- Strong analytical, troubleshooting, and problem-solving skills.
- Excellent communication skills with the ability to engage stakeholders at all levels.
- Commitment to continuous learning and staying current with cyber security trends.
Preferred Qualifications
- Certifications such as OSCP, GCIH, GCIA, GNFA, CISSP, or CISM.
- Knowledge of security frameworks and best practices, including MITRE ATT&CK and NIST.
- Experience with ITIL processes and change management.
Languages
- Fluent English (written and spoken).
- Good working knowledge of Dutch and/or French.
Additional Requirements
- Belgian nationality is mandatory.
- Valid National, NATO, and EU security clearance at SECRET level or higher is required.
- Ability and willingness to work 100% on-site in Brussels.
Personal Attributes
- Strong analytical and problem-solving mindset.
- Hands-on and practical approach to security operations.
- Excellent leadership and teamwork skills.
- Detail-oriented with strong documentation and configuration management practices.