Would you like to join the leading international intergovernmental organization?
This isn't a role where you merely watch the monitors; you are the architect of the monitoring platform itself. As a Cyber Security Tools Platform Engineer, you will be the critical force multiplier for the threat hunters, building and maintaining the sophisticated engine that powers proactive cyber defense.
You will design, integrate and automate the very tools, like THOR, Corelight and Splunk, that allow our clients' analysts to uncover hidden adversaries and neutralize threats before they impact the mission. Think of it as building the high-performance radar and sensor suite for a cutting-edge security operations center. Your work in scripting, systems engineering and seamless integration directly determines the speed, precision and effectiveness of our entire threat hunting capability.
NOTE: This role is not a cybersecurity analyst position; using the cyber tools (performing threat hunting, malware or vulnerability analysis) is not considered part of the standard duties.
Responsibilities:
- Design, set up and manage a suite of tools supporting threat hunting (e.g. THOR, Asgard, Sysmon, Corelight, Microsoft Defender, Splunk, Sentinel), ensuring seamless integration with other technologies present on the network.
- Ensure that the deployment and operation of those tools meet strict security requirements and comply with IT Service Management policies governing the network environment. This includes producing the required documentation and maintaining testing environments.
- Apply workflow automation best practices by leveraging tools and technologies like N8N, Ansible and Magnet Automate to enhance efficiency and reliability.
- Liaise with supporting teams in other services and business areas to ensure streamlined delivery of agents, logs and configuration items.
- Lead or contribute to the creation and ongoing maintenance of comprehensive documentation and Standard Operating Procedures (SOPs) to support operational continuity and compliance.
- Collaborate closely with team members and end users to incorporate feedback, continuously improving the quality and effectiveness of the delivered digital forensics capabilities.
- Proactively identify and propose system improvements to ensure an up-to-date and stable environment. Justify business needs and prepare documentation and an implementation plan for the Change Management Board. Implement the approved changes following coordination with other stakeholders.
Essential Qualifications & Experience:
- Education: A Bachelor's degree in Computer Science, Information Technology or a related field, combined with a minimum of 2 years of experience in a cybersecurity engineering or similar role. Alternatively, a secondary education with an advanced vocational qualification and 5 years of post-related experience, or exceptionally at least 8 years of demonstrated progressive expertise in the domain.
- Tooling Expertise: Strong hands-on experience in deploying, managing and maintaining cybersecurity tools in large, complex enterprise environments, with significant practical experience in Linux system administration.
- Scripting & Automation: Proven practical skills in writing scripts for automation using Bash, Python or Ansible. Knowledge of PowerShell and other integration tools is required.
- Infrastructure Knowledge: In-depth understanding of core infrastructure concepts: networking (IPAM, firewalls, proxies, load balancers), hosting, virtualization (preferably VMware) and certificates.
- Cybersecurity Fundamentals: Solid understanding of cyber threat hunting methodologies, cybersecurity concepts and network communication protocols (TCP/IP, HTTP/S, DNS).
- Collaboration & Process: Strong team spirit, excellent verbal and written communication skills in English, and the ability to produce detailed technical documentation and adhere to formal change management processes.
Desirable Experience:
- Practical experience with specific tools: Sysmon, Nextron Asgard/THOR solutions.
- Professional experience in cybersecurity monitoring or a Security Operations Center (SOC) environment.
- Hands-on experience with Microsoft Azure and Microsoft Defender for Endpoint.
- Experience as an end-user of SIEM and log aggregation systems (e.g. Splunk).
- ITIL Foundation certification or similar service management knowledge.
- Prior experience working for NATO or in an international/military-civilian organization.
If you've read the description and feel this role is a great match, we'd love to hear from you! Click "Apply for this job" to be directed to a brief questionnaire. It should only take a few moments to complete, and we'll be in touch promptly if your experience aligns with our needs.