Address: Rue de la Loi 107, 1049 Brussels, Belgium Tel: +32 2 295 2100

IT Security Officer - Detection Engineer

Contract Agent Function Group IV

COOP - Cooperation
FORCE

What we propose

DIGIT CERT-EU is seeking to hire a truly motivated “IT Security Officer: Detection Engineer” to join our DFIR team.

The primary purpose of this role is to provide cybersecurity services to more than 90 European Union institutions, bodies, offices and agencies.

The successful candidate will help improving the security monitoring service by developing relevant and accurate detection rules inspired by threat intelligence reports, feedback from the SOC and DFIR teams and threat research. The successful candidate will automate the development and deployment of detection rules using the detection-as-code principle, will deliver and act upon actionable metrics that advance CERT-EU’s data-centric initiative.

The main activities of the selected candidate will include, but are not limited to:

  • Create, test, and maintain detection rules to detect malicious activities
  • Collaborate with the threat intelligence and incident response teams to turning emerging threats into effective detection rules.
  • Continuously improve detection rules quality by reducing noise in close collaboration with our SOC team.

In addition to the main duties, the selected candidate will participate in the general set of tasks executed by the team, will be involved in projects aiming at delivering the related services and will participate in the definition, implementation and delivery of such projects.

Who we look for

The ideal candidate must possess at least 3 years of relevant experience and possess a university-issued diploma or equivalent.

The ideal candidate will possess some, or all, of the following knowledge/experience/skills:

  • Experience in writing detection rules at scale using a detection-as-code approach
  • Experience working with continuous integration and continuous delivery (CI/CD) pipelines.
  • Experience with any public cloud or on-premise SIEM platforms.
  • Knowledge with macOS, Linux, and Windows operating systems.
  • Experience in authoring detection rules and documenting investigation notes.
  • Experience with Python and other programming languages.
  • Experience with offensive security is a plus.
  • Experience in incident response is a plus.

The selected candidate should also demonstrate the following required skills and characteristics:

  • A university degree in IT and at least 3 years of hands-on professional experience in IT Security.
  • Work experience within an MSSP-like environment.
  • A high level of customer orientation.
  • Strong analytical and problem-solving skills, including the ability to deal with a large amount of information in a limited time.
  • Ability to establish and maintain effective working relations with coworkers in an international and multi-disciplinary work environment.
  • A high degree of commitment and flexibility.
  • Work experience in a complex public sector environment.
  • Excellent communication skills in English, both orally and in writing.
  • Experience in delivering trainings and public presentations.
  • A focus on constant learning and improvement of technical and personal skills.
  • Experience with a vast array of IT technologies and the ability to quickly master new ones.

The candidate must hold a security clearance at EU SECRET level or be in a position to be security cleared.

What we offer

  • A friendly and multicultural workplace
  • A stimulating and unique environment where personal development, growth and initiative are encouraged
  • Continuous learning opportunities
  • Working with a supportive and dynamic team with a deep sense of mission
  • Flexible scheduling with the possibility to work from home on a part-time basis
  • An attractive salary.

Consult the Jobs at the European Commission page for more information on the working conditions. Please note that the position is based in Brussels, Belgium. Full remote work is not possible at this time.

Are you eligible

To apply, you have to:

  • Be a national of one of the Member States of the European Union
  • Be able to provide a certificate of good conduct
  • Have fulfilled any legal obligations related to military service
  • Be able to produce evidence of thorough knowledge of one of the official EU languages (level C1) and satisfactory knowledge of a second official EU language (level B2).

Additionally, to be recruited as a contract agent, you must have:

For function groups II and III

You must meet one of the following criteria:

  • Hold a post-secondary education diploma
  • Meet both of the following conditions:
    • Hold a secondary education diploma that provides access to post-secondary education, and appropriate professional experience of at least three years
    • Have professional training or professional experience of an equivalent level, where justified in the interest of the service.

For function group IV

You must meet both of the following criteria:

  • Hold a university degree corresponding to completed university studies of at least three years attested by a diploma
  • Have professional training of an equivalent level, where justified in the interest of the service.

If so, then apply!

  • Send an email to secretariat@cert.europa.eu with your CV (and a motivation letter in a single pdf). Please provide the title of the position you are applying for in the subject of your email.
  • If your skill set matches the requirements, your CV will be shortlisted for further evaluation, and you will need to take a CAST test. Worry not, our wonderful secretariat will supply all the necessary information.
  • If you are successful at the CAST, your application will be reviewed for further consideration.

We got cookies

We only use cookies that are necessary for the technical functioning of our website. Find out more on here.