Continuously analyze external and internal cyber threats, translate them into a detection methodology and defense strategy, and implement that strategy in existing systems, in order to prevent cyber incidents, detect them in a timely manner, handle them effectively, prepare the organization for potential cyber incidents, proactively evaluate threats, and manage potential security incidents appropriately.
Tasks
Cybersecurity Analysis
Evaluate information security risks, threats and consequences and take appropriate action in order to safeguard the business as fully as possible from potential information security incidents.
Example of activities:
Perform cyber threat analysis
Provide input to defense strategies
Provide input to IT risk management on risk reporting
Formulate detection and correlation rules
Advise on preventive security and information security standards
Incident Management
Provide technical and substantive direction to investigations within resolution teams in order to prevent or reduce the impact of security incidents.
Example of activities:
Perform cyber simulations
Creating and maintaining scenarios
Managing security incidents, including complex and high-priority incidents
Participating in Cyber Crises
Investigate and gather information on events and incidents
Taking standby duty for security incidents in the team
Technical management of security certs and crises
Reporting of security incidents
Follow up on exceptions around penetration testing, vulnerability scanning and patching
Mandated to execute or coordinate necessary containment and eradication actions
Knowledge Assurance/Continuous Improvement
Monitor IT security developments in order to continuously ensure the efficiency and effectiveness of company information security processes and controls.
Example of activities:
Create security awareness strategy, conduct employee campaigns
Conduct lessons learned and improvement initiatives
Constantly monitor the environment for relevant events and act on them
Improve tools, knowledge and processes by simulating security incidents, threat hunting, red/blue teaming
Active and frequent knowledge sharing with direct colleagues
Contribute to the continuous improvement of detection systems, internal processes and documentation
Contribute to the continuous improvement of services delivered by 3rd parties through operational and tactical service meetings
Provide support to service management and vendor management to optimize the relationship with the vendors, also in terms of costs.
Security Risk Assessment
Implement and enforce information and infrastructure security policies in order to maximize awareness of them within the company. Validate exceptions in the security landscape. Ensure that security standards and processes are adapted where necessary.
Example of activities:
Conducting and interpreting maturity assessments
Keeping MISP information up to date, analysis of IOCs
Building a strong internal and external network for sharing threat intelligence
Conduct and analyze threat hunting
Conduct forensic investigations
Cyber crisis simulations planning and testing defenses
Contribute to the creation of technical roadmaps
User Auditing
Perform security testing of all potential users of the company's IT infrastructure in order to proactively identify and remediate potential security vulnerabilities.
Example of activities:
Handle security events
Performing specific investigative acts
Monitoring compliance with security standards
Reporting
Report on information security risks, threats, incidents, and security techniques in order to provide all stakeholders with the necessary information on the basis of which they can make decisions.
Example of activities:
Reporting on security awareness, security events, cyber analysis
Reporting on cyber threats and effectiveness of the defense approach
Reporting on process and security maturity
Stakeholder Management
Directly and indirectly steer service providers, application and process owners, and escalate internally and externally in order to secure the required service delivery and achieve the required security standards and goals.
Example of activities:
Participate in sector consultations
Participate in service meetings and tactical meetings with suppliers
Support and hold employees accountable for safe behavior and application of security standards
EXPECTATIONS
Taking over tasks from the current team so that internal colleagues have room for additional projects
Independently develop processes with scope
Experience within large companies
MS Security Tooling
MS Qualifications (SC-100, SC-200, SC-300, AZ-305, AZ-700)
Expected Competencies:
Results-oriented working
Knowledge of market environment and trends
Active improvement
Entrepreneurship
Customer orientation
Team-oriented thinking and working
Strong communication skills (Dutch)
Knowledge of current technologies