Cyber Security Team lead




IT Infrastructure/support

Project description:

The CSIRT Cyber Security Team lead will join the CISO S&S (Solutions and Services) team within the CISO organization (Cyber- and Information Security Office). He/she is responsible for managing the CSIRT Cyber Security Engineers, aligning with direct peers in the CISO S&S team and the security services providers, and driving the roadmap and implementation of CSIRT enhancements and new services within the organization (including its affiliates).


Manage CSIRT engineers
As an experienced cyber security professional you will supervise the CSIRT Cyber Security Engineers during their daily work. You will evaluate their technical decisions and follow up on their containment, remediation and recovery actions. Your in-depth security experience will help the CSIRT team to address complex incidents, and you will take the lead in the technical investigation and set out the right countermeasures to get the situation under control as quickly and adequately as possible.

Align within the CISO S&S team and security service providers
The CISO S&S team covers different solutions and services offered to the organization, some of them delivered by external security services providers. Your role is to be aligned with your direct peers and represent the CSIRT BUILD and RUN activities to them. You will ensure that the overall team is kept up to date about CSIRT and that the CISO S&S portfolio is aligned.

Roadmap and CSIRT enhancements
Within the CSIRT environment we have multiple tools and solutions in place that help us to identify potential cyber security incidents and risks in a proactive way. You will help the BUILD team to drive the roadmap that has been set out, ensure this roadmap is kept aligned with new evolutions seen in the market, and explain intentions and progress to your reporting managers at C-level. Thanks to your close contact with both the RUN and BUILD engineers, you are also aware of required enhancements and decide whether they will be done in RUN or BUILD.

Technical skills:

• Bachelor's degree or equivalent experience
• 3 to 7 years of relevant experience in people management and incident handling
• Competent to analyse processes and propose improvements
• Solve complex technical incidents or coordinate other technical profiles to address those problems as a team
• In-depth knowledge of networking and security protocols like TCP, UDP, VPN, VLAN, BGP, …
• Used to working with security solutions like proxy, mail-relays, FW-rulebases, end-point anti-virus configurations, SIEM, IDS/IPS, …
• Keywords like social engineering, scraping, information disclosure, brand monitoring, darkweb, … hold no secrets for you
• Capable of solving complex technical incidents or coordinating other technical profiles to address those problems as a team
• Experience with different red teaming techniques
• Customer focus and able to act in an organisation-sensitive way
• Record of responsibility
• Spoken and written fluency in English, and Dutch or French
• Passive understanding of Dutch and French

Contact person:

Contact name: Ellen Luckx