PpTo further strengthen our Security Operations team, imec is looking for a security engineer with a strong focus on detection engineering. In this role, you will help strengthen imec’s security posture by designing high‑fidelity detections, continuously improving detection quality, and supporting complex security investigations. Automation and SOAR are used as enabling components to support detection and response effectiveness. /p pYour work directly protects imec’s high value research environment and intellectual property. You focus on threat informed detection engineering, continuous validation and improvement of detection quality, and selective automation that enables the security operations and incident response teams to act faster and more effectively. /p pThis role combines a deep analytical work, a strong engineering mindset, and close collaboration with security operations and incident responders. /p pAs part of the role, you may contribute to 3rd line incident support activities, such as explaining detection behaviour, telemetry context, and automation flows, and assisting with determining attack scope, techniques, and response priorities during complex incidents. /p h3Your responsibilities /h3 pYou design and maintain detection capabilities as a core, continuous engineering discipline: /p ul liDesign, implement, and maintain high quality detection logic based on attacker behaviour and threat techniques, aligned with frameworks such as MITRE ATTCK. /li liApply detection as code principles, including version control, structured testing, documentation, and continuous improvement. /li liContinuously tune and optimize detections to reduce false positives and improve fidelity, based on security operations feedback and measurable performance metrics. /li liDocument detection intent, expected behaviour, assumptions, limitations, and required security operations handling steps. /li liCollaborate closely with security operations analysts, incident responders, and threat hunters to translate operational insights into new or improved detections. /li liLeverage AI to support detection development, analysis, and prioritisation, and explore AI supported enhancements that improve detection quality and analyst efficiency. /li /ul pAs part of this role, you may contribute to 3rd line incident support activities, such as explaining detection behaviour, telemetry context, and automation flows, and assisting with determining attack scope, techniques, and response priorities during complex incidents. /p h3Automation SOAR support (+/- 25%) /h3 pYou support scalable security operations by contributing to automation where it adds clear value: /p ul liContribute to the design, build, and maintenance of SOAR playbooks that support detection driven triage, enrichment, and response activities. /li liIntegrate security tooling and platforms using APIs, scripting, and workflow logic to support detection and investigation workflows. /li liIdentify manual or repetitive tasks within detection and response processes that can be safely and effectively automated. /li liEnsure automation is secure, auditable, well documented, and aligned with operational needs. /li liImprove automation reliability and usability based on operational experience and feedback. /li /ul h3What we do for you /h3 pWe offer you the opportunity to join one of the world’s premier research centers in nanotechnology at its headquarters in Leuven, Belgium. With your talent, passion and expertise, you’ll become part of a team that makes the impossible possible. Together, we shape the technology that will define the society of tomorrow. /p pWe are committed to being an inclusive employer and proud of our open, multicultural, and informal working environment with ample possibilities to take initiative and show responsibility. We commit to supporting and guiding you in this process; not only with words but also with tangible actions. Through imec.academy, 'our corporate university', we actively invest in your development to further your technical and personal growth. /p pWe are aware that your valuable contribution makes imec a top player in its field. Your energy and commitment are therefore appreciated by means of a market appropriate salary with many fringe benefits. /p h3Who you are /h3 h3Experience knowledge /h3 ul liBachelor’s or master’s degree in computer science, engineering, cybersecurity, or a related field, or equivalent practical experience. /li liStrong foundational understanding of cybersecurity, SOC operations, and attacker techniques. /li liExperience with detection engineering, SIEM platforms, or security monitoring systems. /li liFamiliarity with detection lifecycle management, tuning methodologies, and effectiveness metrics. /li liScripting or automation skills (e.g. Python, PowerShell, or workflow based automation). /li liExperience with SOAR or security automation is a plus, but not the primary focus of the role. /li liInterest in using AI assisted security tooling to improve detection and analyst effectiveness. /li liStrong analytical skills and clear communication in English, enabling collaboration in a multicultural environment. /li /ul h3Skills mindset /h3 ul liYou are curious, analytical, and motivated to continuously improve detection quality and coverage. /li liYou enjoy solving complex problems and translating attacker behaviour into effective detections. /li liYou prioritize context and high quality signals over alert volume, and you work effectively with an MSSP as a trusted partner to continuously improve detection and response within a hybrid SOC model. /li /ul h3Following assets are considered a plus: /h3 ul liExperience investigating or supporting complex security incidents. /li liExposure to threat hunting, attacker tradecraft, or threat informed defense concepts. /li /ul /p #J-18808-Ljbffr