Job Title: L3 SOC Analyst / Detection Engineer
Languages: (Dutch or French) & English
Work Location: Brussels (Hybrid, 2-3 days/week onsite)
Contract Duration: 31/05/2026 - 30/05/2027
Job Description - Roles and Responsibilities
Position Overview
The L3 SOC Analyst / Detection Engineer is responsible for leading advanced cybersecurity incident investigations, supporting L1 and L2 analysts during escalations, and continuously improving the organisation's detection and response capabilities. The role combines expert-level incident response, proactive threat hunting, and detection engineering to strengthen the maturity and effectiveness of the Security Operations Centre (SOC).
Key Responsibilities
Advanced Incident Response
* Lead the investigation and resolution of complex and high-severity cybersecurity incidents.
* Support L1 and L2 analysts during incident escalations and provide technical guidance.
* Conduct advanced forensic investigations and root cause analysis.
* Coordinate containment, eradication, and recovery actions with IT and security teams.
Threat Hunting and Advanced Analysis
* Perform proactive threat hunting activities using threat intelligence and behavioural analysis.
* Identify attacker tactics, techniques, and procedures (TTPs) aligned with MITRE ATT&CK.
* Analyse malware, phishing campaigns, suspicious behaviours, and advanced attack patterns.
Detection Engineering
* Design, develop, test, and maintain SIEM/EDR/XDR detection use cases and correlation rules.
* Improve existing detections to reduce false positives and increase detection fidelity.
* Translate threat intelligence into actionable detection content.
* Validate detection effectiveness through simulations, purple team exercises, and adversary emulation.
SOC Continuous Improvement
* Identify gaps in monitoring, detection, and incident response processes.
* Develop and improve SOC playbooks, procedures, and automation capabilities.
* Contribute to SOC reporting, metrics, and operational maturity initiatives.
* Mentor junior analysts and support knowledge sharing across the SOC team.
Skills
* Detection use case development and improvement
* iOS
* L3 Incident Responder
* Linux Red Hat
* Malware Analysis
* Microsoft Azure
* Microsoft Defender XDR
* Microsoft Sentinel
* Purple teaming
* KQL scripting
* ServiceNow
* Splunk
* Stamus
* Vulnerability Management
* Windows Server 2016 and later