Location: Brussels
Contract: 01/01/2026 – 01/07/2026

As a crucial member of the Cyber Defence team, this position ensures robust protection for the bank against unauthorized cyber activity. The role centers on the management of security incidents, execution of digital forensic analyses, and ongoing threat hunting operations. The role also leverages cyber intelligence insights to enhance incident detection and remediation capabilities.

• Lead and coordinate the organization’s response to security incidents, overseeing procedures and ensuring effective follow-up actions.
• Conduct digital forensics investigations, focusing on Windows systems to collect and preserve evidence relevant to potential breaches.
• Develop and maintain incident reaction plans and detailed runbooks to guide timely and consistent incident responses.
• Perform threat hunting by leveraging intelligence and findings from incidents to proactively identify latent risks within the digital ecosystem.
• Collect and analyze cyber threat intelligence to recognize impacted assets, evaluate potential attack scenarios, and support risk prioritization.

• Operate and interpret output from various logging, monitoring, IDS/IPS, and protocol analysis tools (such as Snort, Suricata, Bro, Argus, SiLK, tcpdump, WireShark).
• Employ SIEM and log platforms (QRadar, Splunk, ELK) for real-time threat monitoring and post-incident analysis.
• Utilize scripting and programming skills with Python, Ruby, PHP, and text manipulation tools (sed, awk, grep) to facilitate forensic processes and automate analysis tasks.

• Work in a multilingual environment requiring fluency in English (oral and written), with good command of French; Dutch is considered an asset.

Daily activities are structured to advance the security posture of the bank by navigating, analyzing, and responding to both emerging and ongoing cyber threats within a dynamic team setting.

We are looking for candidates who thrive in fast-paced and challenging environments, showing true commitment to protecting critical assets. The ideal person for this role is resilient, remains calm under pressure, and combines a methodical approach with a strong sense of urgency and initiative. Integrity, reliability, and discretion are at the heart of how they operate, ensuring sensitive information and decisions are managed responsibly.

• Analytical Mindset: Able to dissect complex situations and spot subtle patterns or anomalies. Highly detail-oriented, yet skilled at connecting dots and considering the bigger picture to prioritize actions effectively.
• Collaboration & Communication: A team player who engages proactively and shares knowledge openly. Communicates clearly and confidently in English, both verbally and in writing. Capable of holding professional conversations in French, with Dutch as a valuable asset.
• Learning Agility: Driven by curiosity and the desire to stay ahead of emerging threats. Embraces opportunities to learn new tools, techniques, or intelligence, and is eager to share insights with colleagues.
• Technical Acumen: Brings robust experience in IT security environments, especially in incident management and response. Proficient with a variety of security, monitoring, and analytical tools (such as Splunk and SIEM platforms), and able to leverage scripting and programming skills (notably Python or Ruby) to solve problems and automate tasks efficiently.
• Autonomy & Initiative: Comfortable taking ownership of investigations and decisions, while knowing when to escalate issues or collaborate with others. Naturally takes initiative to develop and refine processes, improving overall resilience.

We value strong ethical standards, a security-first mindset, and a proactive attitude toward ongoing learning and adaptation. If you demonstrate these qualities and are motivated to protect organizational assets in a dynamic, multilingual setting, you will excel in this role.