
SOC Incident Response and Threat Analyst (Tier 3)

Have you ever thought about joining the space sector? Are you looking for a new opportunity in a fast-moving global company with a family feel?

We are proud to be gathering cyber experts to build ESA’s new centre called C-SOC, the ESA Cyber Safety and Security Operations Centre. This is a rare opportunity to join this pioneering team and contribute to the launch of its activities: a chance to leave your mark for years to come.

The SOC activities not only involve the monitoring of ESA’s IT infrastructure but will go beyond. In this exciting context, we are looking for a SOC Operator (Tier 3), with expertise in Incident Response and Threat Analysis, to work from ESA’s ESEC premises in Redu, Belgium.

You will be at the forefront of the cybersecurity defence, handling the most sophisticated threats and ensuring the resilience of different critical security infrastructure. You will work at a high technical level and be capable of identifying threats and threat vectors that cause security events.

Tasks and Activities

The scope of work will include:

  • Incident response: leading and orchestrating the response to complex and advanced security incidents, guiding Tier 1 and Tier 2 operators in resolution efforts.
  • Threat hunting: proactively searching for signs of advanced persistent threats within the environment, utilizing advanced techniques and tools.
  • Malware analysis: analyzing and dissecting malware to understand its functionality, origins and potential impact.
  • Collaboration with external entities: engaging with external cybersecurity entities, law enforcement and industry partners for intelligence sharing and collaboration.

Skills and Experience

The following skills and experience are mandatory:

  • PhD or MSc in Engineering from a recognized institution of secondary studies (university, école supérieure etc.) or equivalent.
  • Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Incident Handler (GCIH), Certified Forensic Analyst (GCFA), or equivalent.
  • Knowledge of defence in depth, network analysis tools, endpoint security and commercially used tools for Incident Response and Threat Analysis.
  • Proficient in gathering and analyzing threat intelligence to enhance proactive threat hunting.
  • Capability to perform behavioural analysis of malware and anomalous activities within the network.
  • Expertise in conducting detailed root cause analysis to identify the source and impact of security incidents.
  • Familiarity with cybersecurity frameworks such as MITRE ATT&CK for effective threat analysis.
  • Proficiency in utilizing advanced security tools, SIEM tools, and other cybersecurity technologies.
  • Eligible to undergo the ESA and EU secret security clearance procedure.
  • Fluent English, both written and spoken.

Why should you apply?

  • You will have the opportunity to work within a major institution.
  • We encourage everyone to think outside the box and to push the boundaries of traditional knowledge. This role is an opportunity to join a forward-thinking company and allows for a deeper understanding of the industry.
  • Benefits include: competitive remuneration packages; unique career opportunities, including working in other countries; personalized training and development programmes; flexible relocation support.
  • We welcome applications from people with disabilities, members of ethnic minorities, all genders, LGBTQ+ individuals and ex-service personnel.

Permanent contract, full-time
Security Engineer