Splunk Analyst

Are you passionate about #cybersecurity? Do you love working with high-profile teams and have a taste for challenge and variety? Do you dream of joining a fast-growing company with a start-up mentality? Are you eager to learn continuously?

Join Proximus Ada! Within Proximus’ newly created center of excellence for AI and Cybersecurity, the mission of the Security Management and CSIRT teams is to protect Proximus, its customers, its business, its operations and reputation against external and internal threats. You will be fascinated by a highly dynamic environment, the strong collaboration and some deep technical aspects.

The Cyber Security Incident Response Team is a centralized security service, responsible for managing cyber security incidents within the Proximus Group. The team is responsible for delivering all relevant services to mitigate an incident as quickly and efficiently as possible and to keep (higher) management updated on the progress.

As a Splunk analyst in CSIRT you are responsible for creating and improving monitoring use cases for the various log sources that are onboarded in the SIEM. A strong set of data analytics skills is required for this function.

Your main objective is to come up with actionable use cases in a security monitoring context that improve the visibility of the environment.

Tasks and responsibilities

  • You work actively together with the application and engineering teams on log ingestion tasks.
  • You validate the content of the ingested logs at the SIEM.
  • You actively collaborate with our Cyber Defense Center and threat intel team to create and improve existing monitoring use cases.
  • You represent CSIRT in meetings with application stakeholders to make sure the right logs are selected and obtained by CSIRT.
  • You create dashboards and reports.
  • You support the blue team in their response to red team exercises.

Profile

  • Bachelor’s degree in Computer science/Information security or equivalent combination of education and experience.
  • You have in-depth knowledge of the security aspects of Windows, Linux, internet technology and network protocols.
  • Similar experience within a telecommunications environment and technologies is considered of high value.
  • Experience with Splunk Enterprise Security is considered of high value.
  • You have knowledge of a query language (KQL, SPL, ...).
  • Experience within a SOC environment is considered of high value.
  • Experience with public cloud (Azure, GCP, AWS, ...) is considered of high value.
  • You are flexible and a strong team player.
  • You have great communication skills.
  • You show integrity & trust while managing confidential information.
  • Mastery of English is a must for the position. Speaking French and/or Dutch is considered a plus.
  • **Applicants must enjoy full rights as Belgian citizens or have been living for 5 years in Belgium to be considered for this role.**

    Splunk Analyst

    Company:
    Proximus
    City:
    Brussels
    Contract type: 
    Permanent, Full-time
    Degree level: 
    Bachelor
    Published:
    06.03.2024