The role supports the Cyber Security Operations Centre for the EU critical infrastructure, aiming to strengthen IT security through advanced monitoring, detection, and incident response services.
Main Responsibilities
Define incident handling procedures, automation requirements, and playbook logic aligned with the needs.
Prepare incident response workflows, automated enrichment steps, and technical documentation for standardized alert handling.
Handle cybersecurity incidents from detection through escalation, containment, and resolution.
Develop and maintain XSOAR playbooks, integrations, and automations across platforms such as Splunk, AWS, Azure Sentinel, Carbon Black Cloud, and Sysdig.
Coordinate and review playbook updates, incident reports, and cross-team collaboration.
Report key performance metrics including FPTP rate, MTTH, escalation rate, automation coverage, time saved, and error reductions.
Assist training analysts on playbook usage and incident response methods.
Collaborate with CSIRC CATCH analysts, infrastructure teams, and external stakeholders to validate playbook coverage and share threat intelligence.
Qualifications:
Required Skills & Expertise
Strong incident response methodology and hands-on experience in end-to-end incident handling in multinational settings.
Advanced knowledge of XSOAR playbook creation and automation.
Proficiency in designing and adapting automated workflows and enrichment.
Python programming skills.
Ability to present technical and business information effectively to diverse EC stakeholders.
High standards for incident documentation, KPI reporting, and compliance with security frameworks.
Familiarity with cloud-native services (AWS, Azure), EDR, SIEM-SOAR platforms, and container security.
Excellent communication skills for working in multicultural teams and liaising with technical and non-technical audiences.
Certifications or experience in relevant security technologies (e.g. Palo Alto Cortex XSOAR, Splunk, Microsoft SC-200, AWS Security Specialty).
Required Education
Soft Skills
Ability to work in international multicultural environments.
Rapid self-starting, teamwork, and multitasking on large projects.
Language proficiency: English (B2); French or German a plus.
High discretion and integrity.
Working Conditions
Contract duration: approx. 880 days starting Dec 1, 2025.
On-site service delivery in Brussels, Belgium; partial remote work may be authorized.
EU Secret Clearance Required or PSCIS
Provided with IT equipment; must comply with security procedures.
Additional Information:
Do you picture yourself in a fast-growing, vibrant team at the cutting edge of software implementation? Does working with international clients across multiple industries sound exciting? Then you're in the right place.
We offer a generous employee benefits package that includes:
- A variety of perks such as mobility options (including a company car), insurance coverage, meal vouchers, eco-cheques, and more.
- Continuous learning opportunities through the Sopra Steria Academy to support your career development.
- The opportunity to connect with fellow Sopra Steria colleagues at various team events.
People are the cornerstone of our success. That's why we aspire to be bolder together. Our goal is to build high-functioning teams and healthy team environments that inspire and help each other to deliver excellence for each of our customers.
Excited about this job opportunity? Ready to shape the world with us? Great! We are looking forward to your application!
Want to know what happens next?
The recruitment process typically begins with the first step, where the recruiter screens candidates based on their qualifications and fit for the role. This is followed by the second step, where candidates undergo more in-depth evaluations, including technical assessments, hiring manager or client to assess both technical skills and team compatibility. The third step involves the company reviewing feedback and aligning on a potential offer. Finally, in the final step, the candidate receives a formal job offer.
Sopra Steria is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, ancestry, nationality, color, family or medical leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, gender (including pregnancy), sexual orientation, or any other characteristic protected by applicable local laws, regulations, and ordinances. We foster a work environment that is inclusive and respectful of all differences.
Remote Work:
No
Employment Type:
Full-time