Cyber Defence Security Logging & Monitoring Expert

Job Title:Cyber Defence Security Logging & Monitoring Expert

Location: BRUSSELS, BE

Employment Type: 

Contract

The purpose of the Cyber Defence team is to prepare for and respond to unauthorized cyber activity. This is achieved by providing the following services:

• Proactive: Supporting and securing systems in anticipation of cyber-attacks by managing threats through the collection, assessment, and sharing of threat information.
• Reactive: Responding to incidents triggered by an intrusion detection system or reported by personnel.

To support these services, we are seeking a Security Logging & Monitoring Expert to perform the activities outlined below.

Function Description:
Your future role:

The Expert represents the interests of stakeholders and internal clients by understanding their expectations and translating them into business requirements. The Expert ensures that the engineering team has a clear understanding of the products and monitors their progress.

The Expert is responsible for defining priorities, organizing operational tasks, and maintaining the conceptual and technical integrity of features/user stories. They play a significant role in quality control and have the authority to decide when stories are finalized.

Key Responsibilities:

• Translate the Cyber Defence vision and strategy into a target operating model and processes for Security Logging & Monitoring capabilities.
• Effectively communicate the target operating model and processes to key stakeholders and Cyber Defence team members.
• Incorporate stakeholder input into the product roadmap while negotiating priorities based on their value.
• Collaborate with stakeholders and IT teams to clarify requirements, remove roadblocks, and align on Security Logging & Monitoring capabilities.
• Ensure the delivery of the yearly roadmap, working with delivery teams to ensure clear deliverables, removing barriers, and resolving issues quickly and efficiently.
• Set the quality standard for delivery, develop test plans, monitor user story acceptance criteria, and provide feedback to improve team processes.
• Lead problem resolution as needed to ensure prompt and efficient service.
• Manage Security Logging & Monitoring key performance indicators (KPIs).

Applicative Security Logging & Monitoring:

• Understand the business context of banking applications (e.g., APIs, Payments).
• Translate a complex applicative ecosystem into detection conditions required to develop effective detection use cases.
• Improve and maintain the methodology for creating and maintaining applicative use cases, considering the relationships among all involved actors.

Language Requirements:

• Dutch: Good spoken (preferable)
• French: Good spoken (mandatory)
• English: Fluent spoken & written (mandatory)

Education:

• Bachelor/Master or equivalent by experience.

Required Experience / Knowledge:

• Mandatory:

  • At least 5 years of experience in information security, preferably 7 years.
  • Strong knowledge of IT security technology and processes (e.g., secure networking, web infrastructure, system security, SOC tooling).
  • Experience with building SOC-related frameworks (target operating model, roles, processes).
  • Experience in a SOC or CSIRT environment.
  • Knowledge of the applicative security ecosystem.

• Preferable:

  • Knowledge of the architecture of banking applications.
  • Knowledge of log aggregation, SIEM solutions, and Digital Analytics Platforms such as Splunk, ArcSight, ELK.
  • Knowledge of Web Application Security Development (OWASP).

Soft Skills:

• Passion for Cyber Security.
• Team player.
• Proactive attitude.
• Strong communication skills.
• Good internal client-facing skills.
• Strong analytical skills.
• Autonomy, commitment, and perseverance.
• Attention to detail while maintaining a big-picture perspective.
• Ability to learn on the job and share knowledge.
• Integrity and alignment with the mission.
• Desire for continuous improvement of Cyber Defence capabilities.