Cybersecurity Defence Expert (relocation to Belgium)

We are looking for a Cyber Defence 'Detection Use Case Testing & Adversary Simulation' Expert who is willing to relocate to join our team in Brussels, Belgium.

Key Responsibilities:

Detection Use Case Testing:

• Provide assurance that detection Use Cases are working effectively and identify gaps in their detection logic.
• Focus on testing missing detection of offensive actions where detection logic is expected.
• Plan and execute limited adversary simulations to validate missing detections.
• Track vulnerabilities identified during testing, triage remediation tasks, and ensure their assignment to system owners.
• Collaborate with the Red/Blue Team to evaluate the effectiveness of existing alerts and assist in creating new detections.

Continuous Adversary Simulation:

• Conduct threat analysis by identifying impacted assets, developing threat scenarios, and defining an attack "kill chain."
• Analyze threats and prioritize countermeasures based on enterprise architecture, vulnerabilities, incidents, and opportunities for control improvements.
• Perform adversary simulations on identified gaps in countermeasures to enhance detection and response.

Required Qualifications:

• Strong knowledge of IT security technologies and processes, including network security, system security, perimeter protection, secure web infrastructure, and more.
• Experience in security incident management within SOC, CSIRT, or IT environments.
• Hands-on experience with logging, monitoring, and intrusion detection systems.
• Expertise in security testing for web applications, APIs, mobile applications, and cloud-hosted platforms.
• Proficiency in penetration testing tools such as Metasploit, CORE Impact, or Kali Linux.
• Ability to write custom scripts to automate vulnerability identification.
• Sound knowledge of MITRE ATT&CK framework.

Preferred Qualifications:

• Familiarity with IDS/IPS, NetFlow, and protocol analysis tools (e.g., Snort, Suricata, Bro, tcpdump, WireShark, etc.).
• Experience with log aggregation, SIEM platforms, and analytics tools (e.g., Splunk, ELK).
• Proficiency in Perl, Ruby, Python, or similar programming/scripting languages.
• Knowledge of web application security (e.g., OWASP) and cryptography algorithms/protocols (AES, RSA, MD5, SHA, Kerberos, etc.).
• Familiarity with NIDS/NIPS or HIDS/HIPS tools.

Why Join Us?

• Employment: Indefinite Contract from the start.
• Relocation Support: Great relocation package.
• Health Insurance: Comprehensive coverage for your well-being.
• Hybrid Work Model: 2 days on-site, 3 days remote.
• Continuous Learning: Access to a Udemy Business subscription with thousands of workshops and courses.
• Team Culture: Collaborative and innovative work environment.

How to Apply:

If you meet the above criteria and are ready for an exciting opportunity in a dynamic environment, submit your CV!