Cyber Security Incident Response Team (CSIRT)Officer

Company Description

ALTER SOLUTIONS is a consulting and technology expertise company founded in 2006. Our mission is to support our clients in their digital transformation challenges. Our services are structured around the following expertise areas:

• Software Delivery
• Infrastructure & Cloud Computing
• Agile IT Performance
• Business Performance

Our success relies on the development and fulfillment of each employee, so we place great importance on providing the best possible working conditions:

• Remote work available for a large part of our projects
• A Flex Office work environment available to everyone at all times to promote communication and collaboration
• Expert communities to share and disseminate skills within the group
• Close project management and HR support
• Annual training and certification opportunities
• Recognition of our consultants' expertise paths
• Strong openness to occasional or long-term international mobility
• Intrapreneurship opportunities

Job Description

You will join our Digital Transformation Division as part of a team of experts in software solution development, building robust, scalable, and secure infrastructures, agility and organizational transformation, and data management to support our clients.

In this role, you will work as a Cyber Security Incident Response Team (CSIRT) Officer, contributing to the daily security incident preparation, detection, and response activities. Your responsibilities will include handling and responding to security incidents, conducting forensic investigations, and performing threat detection and hunting. You will work closely with various teams within the organization to identify and mitigate security risks, ensuring the organization's security posture remains strong.

Key Responsibilities:

• Respond to level 3/4 security incidents, including malware infections, network intrusions, and data breaches.
• Conduct forensic investigations, coordinate and analyze security incidents, regardless of IT, IoT, or OT origin.
• Collaborate with SOC, CSIRT, and other internal teams to identify and mitigate security risks.
• Develop and implement incident response plans & procedures.
• Communicate and report security incident progress to internal and external stakeholders.
• Proactively identify threats and vulnerabilities through threat hunting and the use of SIEM and custom detection tools.
• Maintain and optimize SIEM systems, create detection rules, and write playbooks for consistent incident response.
• Contribute to projects involving new product rollouts, automation of manual tasks, and maintaining security platforms.

Qualifications

• Strong analytical and problem-solving skills with the ability to respond to security incidents effectively.
• Knowledge of security technologies and tools, including SIEM, EDR, intrusion detection, and prevention systems.
• Experience with security incident response, threat hunting, and SOC Engineering.
• Proficiency in scripting languages (Python, Bash, PowerShell) and query languages (Kusto Query Language, SPL).
• Experience with Linux system administration and cloud security concepts.
• Passion for security monitoring, digital forensics, incident response, and threat intelligence.
• Fluent in Dutch or French, with strong English proficiency.
• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent experience.
• At least 3-5 years of experience in a security-related role, with a focus on incident response and analysis.
• Relevant certifications (e.g., GCIH, GCFE, GCFA) are a plus.