Medior System Engineer – Elastic Security/SIEM

1. Presentation of ETNIC

ETNIC (Entreprise pour les Technologies de l’Information et de la Communication) is the IT operator for the Fédération Wallonie-Bruxelles. As a public interest organization, ETNIC’s mission is to design, develop, maintain, and evolve information systems and technological infrastructures serving the administrations and institutions of the FWB.

A central player in the digital transformation of the Belgian French-speaking public sector, ETNIC operates in various domains such as:

  • IT infrastructure management (networks, security, data centers, cloud),
  • Development of tailor-made business applications,
  • Support for digital projects (functional analysis, UX/UI, project management),
  • Cybersecurity and data protection,
  • User support and training.

With a constant focus on innovation, performance, and public service, ETNIC regularly collaborates with external partners to strengthen its teams through IT consulting assignments. These collaborations take place within an ethical and professional framework, oriented towards quality and the concrete impact of the delivered solutions.

2. Mission

  • Hierarchical reporting: within the Security department, Traceability/Audit/Reporting (TAR) team under the supervision of the team lead;
  • Operational mission related to the ELK software suite (Elasticsearch, Kibana, Logstash, Elastic Security, Elastic Defend) and related tools (Apache Kafka);
  • Confirmed expertise in Fleet architecture and management of Elastic Agents (integration, policies, large-scale deployment). Experience with Elastic Security version 9.x is mandatory;
  • Participate in the design and deployment of the collection architecture (Fleet Server, endpoints) as well as the implementation and maintenance of log ingestion pipelines from various sources related to different IT security services (Firewall, WAF, IAM, IDS/IPS, etc.);
  • Transform and normalize data according to the Elastic Common Schema (ECS) standard;
  • Participate in the implementation and configuration of the SIEM module of Elastic Security for the detection and analysis of security events based on predefined use cases;
  • Participate in the deployment and configuration, according to use cases and threat modeling, of Elastic Agents on identified servers (mainly Linux, Windows) for collection, endpoint protection, and behavioral analysis (Elastic Defend), including management of security policies and the agent lifecycle via Fleet;
  • Participate in defining dashboards and alerts necessary for monitoring and supervision;
  • Assist internal teams in building expertise on Elastic operational and security best practices;
  • Write technical and operational documentation to ensure the sustainability of the solution and facilitate knowledge transfer.

The position is based in Brussels (North Station). Regular on-site presence is required (50% per month, minimum 1 day/week) to foster teamwork, knowledge sharing, and direct collaboration with the Security teams.

This position was originally posted on Pro Unity.

It is publicly accessible, and we recommend applying directly through the Pro Unity website instead of going through third-party recruiters.