Cybersecurity Defence Expert (Relocation To Belgium) Porto

Cybersecurity Defence Expert (Relocation To Belgium)
Porto
Porto, Porto District, Portugal

We are looking for a Cyber Defence 'Detection Use Case Testing & Adversary Simulation' Expert who is willing to relocate to join our team in Brussels, Belgium.

Key Responsibilities:

Detection Use Case Testing:

• Provide assurance that detection Use Cases are working effectively and identify gaps in their detection logic.
• Focus on testing missing detection of offensive actions where detection logic is expected.
• Plan and execute limited adversary simulations to validate missing detections.
• Track vulnerabilities identified during testing, triage remediation tasks, and ensure their assignment to system owners.
• Collaborate with the Red/Blue Team to evaluate the effectiveness of existing alerts and assist in creating new detections.

Continuous Adversary Simulation:

• Conduct threat analysis by identifying impacted assets, developing threat scenarios, and defining an attack "kill chain. "
• Analyze threats and prioritize countermeasures based on enterprise architecture, vulnerabilities, incidents, and opportunities for control improvements.
• Perform adversary simulations on identified gaps in countermeasures to enhance detection and response.

Required Qualifications:

• Strong knowledge of IT security technologies and processes, including network security, system security, perimeter protection, secure web infrastructure, and more.
• Experience in security incident management within SOC, CSIRT, or IT environments.
• Hands-on experience with logging, monitoring, and intrusion detection systems.
• Expertise in security testing for web applications, APIs, mobile applications, and
  - hosted platforms.
• Proficiency in penetration testing tools such as Metasploit, CORE Impact, or Kali Linux.
• Ability to write custom scripts to automate vulnerability identification.
• Sound knowledge of MITRE ATT&CK framework.

Preferred Qualifications:

• Familiarity with IDS/IPS, Net
  Flow, and protocol analysis tools (e. G. , Snort, Suricata, Bro, tcpdump, Wire
  Shark, etc. ).
• Experience with log aggregation, SIEM platforms, and analytics tools (e. G. , Splunk, ELK).
• Proficiency in Perl, Ruby, Python, or similar programming/scripting languages.
• Knowledge of web application security (e. G. , OWASP) and cryptography algorithms/protocols (AES, RSA, MD5, SHA, Kerberos, etc. ).
• Familiarity with NIDS/NIPS or HIDS/HIPS tools.

Why Join Us?

• Employment:
  
  Indefinite Contract from the start.
• Relocation Support:
  
  Great relocation package.
• Health Insurance:
  
  Comprehensive coverage for your
  - being.
• Hybrid Work Model:
  
  2 days
  - site, 3 days remote.
• Continuous Learning:
  
  Access to a Udemy Business subscription with thousands of workshops and courses.
• Team Culture:
  
  Collaborative and innovative work environment.

How to Apply:

If you meet the above criteria and are ready for an exciting opportunity in a dynamic environment, submit your CV!