The DG Innovation et Solutions digitales/Innovatie en Oplossingen (ISDIO) of the SPF Intérieur/FOD Binnenlandse Zaken wishes to recruit a NOC/SOC Team Leader for its Cybersecurity department.

The Cybersecurity department monitors the IT security of the SPF Intérieur/FOD Binnenlandse Zaken’s data and systems and strives to stay one step ahead of cyber criminals. We proactively identify risks and aim to sound the alarm in time.

You will join the operational heart of the SPF/FOD IBZ and contribute to the security of the country. You will be responsible for managing all agents in our ‘first response team’. The NOC SOC team (Network Operations Centre/Security Operations Centre) ensures the IT security of ministry’s data & systems.

What does your role actually consist of?

You are the point of contact for ICT cyber security incidents and prevent problems by implementing procedures and tools. In case of incidents, you will coordinate actions with the CISO and the crisis team, resolve threats and restore systems.

You develop methods and procedures to handle incidents quickly and efficiently. You ensure 24/7 monitoring and document incidents with ‘lessons learned’ reports and post-mortem analyses.

You also support departments in gathering information on ICT infrastructure and keep your knowledge up to date with new trends and developments.

Specific tasks include:

• Implement and maintain security controls in various IT environments.
• Use of SIEM, IDS/IPS and firewalls to optimise security processes.
• Proactively responding to threat information.
• Performing vulnerability assessments and log analysis.
• Quickly analyse and resolve security issues.
• Ensure compliance with legislation and security policies.
• Managing cryptography and certificate management.
• Applying advanced reporting techniques.
• You will manage a SOC team and guide SOC team members in their professional development.

Technical skills:

• IT security: Thorough knowledge of software, hardware and network security.
• Incident Management: Experience with SOC, CSIRT or CERT management and governance processes for incident response.
• Cloud Security: Experience with Cloud Security (including Vulnerability Assessments).
• Thorough knowledge and practical experience with enterprise architecture frameworks and modelling, especially TOGAF and ArchiMate.
• Communication: Strong oral communication skills.
• Motivation: Strong motivation is essential for this position.

Certifications (nice to have):

• SOC Lead-certificering
• GIAC Strategic Planning, Policy, and Leadership (GSTRT) – SANS
• Certified Information Security Manager (CISM) – ISACA
• Certified Threat Intelligence Analyst (CTIA) – EC-Council
• GIAC Certified Incident Handler (GCIH) – SANS
• Certified Information Systems Security Professional (CISSP) – (ISC)²

Prerequisites:

• Possess or ability to obtain accreditation at Secret (EU and National) level. A security clearance is mandatory for this position.
• Integrity and discretion when handling sensitive information.
• Up-to-date knowledge of cybersecurity threats and trends.