Location: Tubize, BelgiumIn fast changing markets, customers worldwide rely on Thales. Thales is a business where brilliant people from all over the world come together to share ideas and inspire each other. In aerospace, transportation, defence, security and space, our architects design innovative solutions that make our tomorrow's possible.Thales Belgium SA, Belgium competence center of Thales, is a company located on 2 sites, one in Tubize (near Brussels) and the other one in Herstal (near Liège). Thales Belgium, which employs more than 230 collaborators, is specialized in the design, development and supply of critical information systems for customers in the sectors of Defense, Security (including Cyber), Transport and Aerospace.
For its activities, Thales Belgium SA, in Tubize, is looking for an:
On-site Level 3 SOC analyst
The European Organisation for the Safety of Air Navigation, commonly known as EUROCONTROL, is an international and intergovernmental organisation working to achieve safe and seamless air traffic management across Europe. It is made of 43 member states.
Thales is actively involved in EUROCONTROL digital transformation and as such provides the Network Management Operation Center (NMOC) with a wide range of cybersecurity services. One of these activities consists in operating a 24/7 CyberSecurity Operation Center (CSOC).
Belonging to a team of Thales cyber-security Level 1 and Level 2 experts, your mission is to interface both the SOC Back Office Team and the EUROCONTROL Security Officers as well as to support security incidents detection and response with the EUROCONTROL Technical Service Desk and Operation Center (CSO).
Main Responsibilities & Profile :
As an on-site SOC Level 3 analyst, your main responsibilities are:
- With the support of the Back Office SOC team, you make sure that each every security incident is detected, qualified and that the appropriate recommendation is proposed to the EUROCONTROL CSO team ;
- As a senior security expert, you will be the last Point of Escalation. Both SOC Level 1 and Level 2 security analysts will rely on your guidance to perform In-depth analysis of evidences, identify the malicious operations and evaluate the real impact in order for EUROCONTROL to eventually solve in a quick and efficient manner the most sensitive security incidents ;
- As a customer interface, you are responsible of tracking the technical requests and investigations issued by the EUROCONTROL Security Officers and keep the customer satisfaction to the best and highest standards ;
- On a daily basis, having a strong technical background, you are interacting with many on-site engineers from EUROCONTROL but not only in order to ease and fasten the incident resolution ;
- During Security crisis, you are the technical reference and you must coordinate technical activities so that the contractual Service Level Agreement (SLA) are fulfilled for the Incident Detection and qualification. You must be sharp and actively assist the EUROCONTROL CSO team in the security incident resolution.
- You are a key player when it comes to the SOC continuous improvement. As such, you are entitled to proactively update the correlation rules, extend the security perimeter and propose new security objectives and use cases.Moreover, any improvements or recommendations on IS and security components configuration shall automatically be escalated to the EUROCONTROL Security Officer ;
- Beeing a SIEM expert (IBM QRadar), you provide continuous improvement on rules detection, perform surveillance evolutions, detect new threats,manage and realize technical actions (reverse engineering, forensics). Each design documentation (High Level Design, Low Level Design, Security Design Document, …) is up-to-date and reviewed with EUROCONTROL security officers ;
- You are familiar with the ISO270001 methodology and you support ISMS toolset evolution and capture required ISMS evolution ;
- During Technical and Tactical committees preparation and presentation, you provide, on time, accurate figures and technical details to both Thales Service Delivery Manager and EUROCONTROL Security Officers. This materials will be extracted from both SIEM (QRadar) and Ticketing tool (Service Now) facilities using automated scripts that you will maintain.
Your profile is :
- Master in Software Engineering ;
- At least 5-year experience in Cybersecurity ;
- Expert in IBM QRadar administration and configuration ;
- One professional certification : CISSP or CISA or CISM or CRISC or related GIAC certifications;
- Experience with business-critical, complex, distributed systems ;
- Customer-oriented ;
- Autonomous, you are keen to take initiatives and make decisions ;
- Team player, flexible and open to feedback ;
- Curious, innovative and eager to learn;
- English proficiency mandatory.
If you are looking for:
- The solidity of a large Group ;
- The agility of a human-sized structure ;
- A company which at the forefront of innovation ;
- An environment that fosters personnel development of all collaborators and offers opportunities for evolution within an international group ;
If you defend values such as company spirit, sense of responsibility, ethics, creativity and teamwork;
Thales Belgium can be your partner.
At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now!