IT Specialist Operations
Job profile
Requirements:
- SOC experience
- Project experience (working according to agile methodologies is a plus)
- Experience in L2/L3 incident response
- Experience in forensics
- Dutch-speaking
Knowledge:
● Incident Response & Forensic Analysis: Led numerous investigations, a substantial number of them high-profile cases, developed national SOC capabilities, and trained incident response teams. Extensive experience in malware analysis, threat hunting, and APT response.
● Security Architecture & Engineering: Assessed, revised, built, and designed complex security architectures, ensuring robust protection against evolving threats.
● SOC/SIEM Management: Extensive expertise in managing and optimizing SIEM platforms such as Splunk, QRadar, and ArcSight. Hands-on experience in SOC process establishment, reporting, and optimization, with a focus on enhancing threat hunting capabilities and SOC operations.
● Malware Analysis & Threat Hunting: Conducted in-depth malware analysis and proactive threat hunting, focusing on APT, ransomware, and cloud environments (AWS, GCP, Azure, Microsoft 365), using Splunk, Sentinel, Elasticsearch, Plaso, IDA Pro, Python, and Jupyter Notebooks.
● Cybersecurity Training & Knowledge Sharing: Training on a national and corporate level for SOC operations, SIEM management, threat hunting, and DFIR. Sharing expertise at conferences and as a guest speaker.
● Security Policies & Procedures: Created and assessed security policies and procedures against NIST, ISO 27001, and other relevant security frameworks to ensure compliance and effectiveness.
● Team Leadership & Project Management: Managed teams of highly technical experts, acted as incident lead, and managed various projects (Agile, PRINCE2).
● Artificial Intelligence in Cybersecurity: Applied AI and ML in detection engineering, pentesting, SOC triage, process optimization, SOAR, and DFIR.