Cybersecurity Engineer & Analyst

Are you a cybersecurity engineer who wants to be part of expanding a Security Operations Center (SOC) We would like to get in touch with you!

This position is part of the ESH-SOC a professional SOC run at TU/e Department of Mathematics and Computer Science that integrates the latest research in threat analysis into real-world monitoring operations.

Introduction

The TU/e Department of Mathematics and Computer Science and JADS in s-Hertogenbosch are jointly developing CTILaba laboratory designed to translate cutting-edge research in cybersecurity cyber monitoring and threat intelligence into market-ready solutions.
CTILab is being built in close collaboration with the Eindhoven Security Hub Security Operations Center (ESH-SOC) which was also established and is operated by TU/e M&CS. ESHs success serves as the foundation for the CTILab initiative.

We are therefore looking for a cybersecurity engineer (medior) who will lead the technical security monitoring and threat intelligence operations at the CTILab in close collaboration with ESH-SOC.
As a cybersecurity engineer you will analyze evidence of incoming threats to our customers based on the latest information that is developing on the market such as vulnerabilities.
Knowing how to analyze security events using SIEM technologies and being able to handle them is something that you know how to do and gets you excited. We expect you to identify threats to the organizations we monitor and to be active in reporting and evaluating these jointly with colleagues supervisors and supporting junior analysts. Contributing to the deployment management and growth of a cloud-native next-generation highly scalable security information platform is also part of the job. You will be involved in the evolution discussion of the platform with all development teams to understand the infrastructure and manage the right technology and business alignment with partners working closely with engineers analysts and researchers and help driving the CTILaband ESH-SOC maturity lifecycle to stay ahead of the innovation curve.

Job Description

• Analyze security events (Tier 2): deconstruct and analyze complex patterns from data relating contextual factors (e.g. related to a customers environment) to evidence from the data.
• Inform customers partners and other stakeholders of security incidents and support remediation efforts.
• Create/expand tools to translate security monitoring use-cases into monitoring rulesets and to simplify service operation and monitoring.
• Contribute to the development and maintenance of the ESH-SOC infrastructure and of the security sensors deployed at customer facilities assuring timely updates and a smooth operation cycle.

Job Requirements

• You work at HBO/MSc level and have experience in security monitoring including reporting successful cyberattacks and supporting remediation efforts. For example you have working experience in a SOC.
• You have knowledge of networks (operating) systems and applications attack techniques and/or malware.
• You have some experience with scripting languages (e.g. Python Bash).
• You have some experience with maintaining Linux-based environments. Experience with Docker and virtualization tools is a plus.
• Work experience with (open-source) security solutions e.g. Security Onion Elastic Stack.
• Preferably you have some experience with at least one data analytics tool (e.g. Elastic Hadoop Splunk) and configuration management tool (Saltstack Ansible Puppet).
• The education preference is for a Bachelor/Master degree preferably in (technical) computer science forensics etc.

Conditions of Employment

An exciting position within an international yet personal university. You are right in the middle of the students on a green campus within walking distance of the central station. Besides beautiful architecture you will find varied workplaces and excellent sports facilities. We also offer you:

• A monthly salary of minimum 3546 to maximum 5538 for full-time employment depending on your knowledge and experience (scale 10 collective labour agreement for Dutch Universities).
• In addition to vacation pay a structural end-of-year bonus of 8.3%.
• A favorable arrangement for more holidays or a sabbatical.
• A selection model for additional fringe benefits.
• Working hours in consultation for an optimal work-life balance.
• Scope for your talent with advancement prospects and excellent development opportunities such as mentoring workshops and coaching.
• Partially paid parental leave and reimbursement for commuting expenses working from home and the internet.
• A generous employer contribution to the favorable ABP pension plan.

Here you can discover even more information about our conditions of employment. Build on your career at TU/e!

About us

Eindhoven University of Technology is a leading international university within the Brainport region where scientific curiosity meets a hands-on mindset. We work in an open and collaborative way with high-tech industries to tackle complex societal challenges. Our responsible and respectful approach ensures impact today and in the future. TU/e is home to over 13000 students and more than 7000 staff forming a diverse and vibrant academic community.

With over 110 (assistant associate and full) professors almost 300 PhD and EngD students about 1500 Bachelor students and 1000 Master students the Department of Mathematics and Computer Science (M&CS) is the largest department of the TU/e. By performing top-level fundamental and applied research and maintaining strong ties with industry M&CS aims to contribute to science and innovation in and beyond the region.

The Eindhoven Security Hub - Security Operations Center (ESH-SOC).

The TU/e and its industrial partners have joined forces in the Eindhoven Security Hub to develop a smarter leaner managed detection and response solution that provides an answer to the increased security and monitoring needs of society in general and of small and medium enterprises.
The ESH-SOC adopts cutting-edge technology (including machine learning and deep-learning based solutions) to address the needs of a broader range of business including e.g. those adopting Industrial Control Systems and IoT technology. Last but not least the ESH-SOC is a testbed for pioneering research in intrusion detection prevention and response.

The SOC is responsible for the availability confidentiality and integrity of important often privacy-sensitive data with which the ESH-SOC works. To guarantee security in a time of cybercrime open digital communication and online information exchange the SOC is committed daily to detecting analyzing and dealing with security notifications.

The Security group at TU Eindhoven. TU Eindhoven (TU/e) is a mid-size technical university located in the heart of the high-tech industry in the Netherlands. The Security group is part of the Department of Mathematics and Computer Science (M&CS) which is one of the largest departments of the TU/e with over 100 (assistant associate and full) professors almost 200 PhD and EngD students and about 1100 bachelor students and 600 master students. By performing top-level fundamental and applied research offering high-quality educational programs and maintaining strong ties with industry the Security group aims to contribute to science and to innovation in and beyond the region. Its research focus spans from security deployment and management to physical security and attack engineering.

Information

Do you recognize yourself in this profile and would you like to have more information about the position please contact the hiring manager: Allodi Luca at and Zambon Emmanuele at .

For questions about the application process or the conditions of employment please contact HR services at .

Are you inspired and would like to know more about working at TU/e Please visit our career page.

Application

If you are interested please use the apply button to send us your CV and letter of application with your motivation and a description of your that you submit all the requested application documents. We give priority to complete applications.

Screening of candidates begins as soon as applications are received and continues until the position is filled. Where applicable internal candidates will be given priority over external candidates where they are equally suitable.

We look forward to receiving your application!

Please note

• You can apply online. We will not process applications sent by email and/or post.
• A pre-employment screening (e.g. knowledge security check) can be part of the selection procedure. For more information on the knowledge security check please consult the National Knowledge Security Guidelines.
• Important for non-EU applicants: Please be aware that for this position specific residence permit requirements apply. If you are a non-EU national you may not be eligible to legally work in this role under current Dutch immigration regulations. We strongly advise you to contact our Staff Immigration Team () before applying to check your eligibility and to receive further guidance.
• Please do not contact us for unsolicited services.