CSIRT Analyst

Professional, Freelancer

Do you know where to find evidence of file/folder opening on a Windows system? Do you know what Prefetch, Shimcache and Amcache artifacts have in common? Do you know by heart when EventIDs like 4624, 1102 and 1149 are logged? Do you know when to use tools like FTK Imager, KAPE, Axiom, MemProcFS, Volatility 2/3, ...? Then you might be the digital forensics and incident response expert we're looking for!

  • You handle security alerts/incidents that have been escalated by the SOC Analysts (Tier 2)
  • You will handle security alerts and incidents together with your team
  • You do DFIR assignments, including DFIR readiness assessments
  • You participate in the weekly Threat Hunting duty to proactively chase threats through novel Tools, Techniques & Procedures (TTPs)
  • You will perform compromise assessments to identify potential compromises and their scope
  • You collect Threat Intelligence (IOCs and TTPs)
  • You will contribute to the Detection Engineering in SIEM, xDR, …
  • Together with the Red Team you will do Purple Teaming exercises to test and improve the defense
  • You contribute to the creation of a scenario in SOAR
  • You will co-write processes and procedures related to DFIR, Threat Intel, Threat Hunting, …
  • You will be part of our incident response on call service.

What you need to succeed:

  • You have at least 3-5 years of experience in a similar position
  • You have solid experience in DFIR
  • You have a bachelor's or master's degree or equivalent through experience
  • You have a hands-on and proactive mindset with a 'can do' mentality
  • You have experience and/or interest in working with the following MDR tools: EDR (CrowdStrike Falcon, MS Defender for Endpoint, SentinelOne, ...), NDR (Vectra, Darktrace, ...), xDR (CrowdStrike Identity Protection, MS Defender for Office/Cloud Apps/Identity/...)
  • As an analyst or engineer, you already have a good knowledge of Security Monitoring with SIEM technologies
  • You are passionate about the following security capabilities: Security Monitoring, Digital Forensics, Incident Response, Threat Intelligence, Threat Hunting, ...
  • You speak Dutch and English fluently.

What are we offering:

  • At Cegeka, you'll be part of a certified Top Employer with over 150 Security professionals. To stay ahead in the ever-evolving Cyber Security world, you can participate in our Security Academy: 13 role-based learning paths, including certifications from technology providers such as Fortinet, CrowdStrike, Vectra, Cisco, Microsoft, CyberArk, Splunk, Tenable, and topics like Security Consultancy, Security Operations, and Identity & Access Management
  • Cegeka proves year after year in the Whitelane Research that we are a reliable and leading partner in the field of IT services, taking in 2024 first place for Security Services, 2nd place in Network & Connectivity and 3rd place for Workplace Services/Application Services
  • We ask a lot from you, but in return, you'll receive a lot! Competencies and character are essential to us, alongside experience and ambitions. Cegeka continually invests in talent management to help every employee realize their potential
  • You'll receive a competitive salary complemented with extra-legal benefits. Choose between an electric car with a charging pass or a mobility budget, meal vouchers, eco vouchers, a compelling group and hospitalization insurance, a mobile phone subscription, a fixed expense allowance, a powerful laptop, and the opportunity to personalize your salary package with our Flex Reward Plan
  • Enjoy flexible work hours and a healthy work/life balance
  • Be a part of a top team where new fresh ideas and initiatives are always welcome! Team events, monthly happy hours, and an always memorable company party are part of the experience
  • Continuously learn through knowledge-sharing meetings, participating in conferences, and external training. Knowledge-sharing and learning are paramount! Depending on your interests and initiatives, Cegeka offers various horizontal and vertical career paths
  • We value sustainability by aiming for CO2 neutrality through the electrification of our vehicle fleet and an environmentally friendly data center. We develop innovative solutions with a positive impact on the environment, people, and society. We strive for an inclusive and diverse work environment where everyone is valued and heard.

Aspire to more: our promise to you!

At Cegeka you get all the opportunities you need to develop further as a professional. Together we discover what you really want to do for our clients and colleagues. We would like to invite you to grow with us, in an unprecedented variety of challenging and meaningful IT projects. Make your mark on projects with interesting customers where we can make the difference. Aspire to more!

We are always working together here. Intensively, with lots of fun and commitment. It is a culture driven by family values: full of trust, people-oriented, open, loyal and respectful. We offer a lot of freedom and responsibility. We want you to be part of the next phase of a proud, successful, fast-growing, innovative, European IT company full of ambitions.
