We are looking for a Security Consultant who will take ownership of day-to-day security operations, including:Vulnerability managementDetection engineering and tuning (Defender, Sentinel)Security incident investigationSecurity policy complianceOperational reportingThis is a technical, hands-on position focused on practical execution and continuous improvement of our security defenses.Role descriptionConcretely, the security consultant will work within the Security team in close collaboration with platform team, the application squads but also with all other entities to answer to these concerns:Follow up cloud security metrics on a regular base, detect degradation and improvement areas, discuss with concerned partiesOrganize, follow-up & validate the vulnerability scanning, and pentests performed by 3rd parties with the concerned entitiesWork closely with the different team to ensure all findings are understood, the remediation is clear, patches are applied in a timely and effective manner. This includes performing regular maintenance tasks, monthly patching and resolving issues related to patching promptlyPerform & document Security Assessment of new applications and products to identify weakness earlier in the processFollow up security KPI, both on prem and in cloud: provide information, detect early the deviation, solve issues, coordination with remediating parties.Monitor and investigate security alerts on multiple platformsAdapt detection use cases to business requirementsbe part of the Incident response teamFollow up specific focus points, such as workstation patching and protection against vulnerabilities, asset decommissioning and security configuration.Perform Periodical security reviews and control of user management (joiners and leavers, ...)Solve operational Security issues and provide scripts, advice, assistance information and warnings, as well as recommendations based on security controlsPerform Application Security AssessmentsProvide technical expertise and support to other entities regarding security best practices and overall cybersecurity threats. This implies to build some knowledge about our products, and an active monitoring of security information sources to detect potential issues within the context.Manage clients certificate using property tools and issue activation codes to customersIdentify and install necessary security updates and software patchesSuggest and perform hardening improvements on workstationsSuggest improvements in terms of processes (such as better controls, better automation, ...) and help during the implementation.Learn and assist our application security program, participating in code reviews, pen testing and threat modelling.Feed the Agile backlog of the different squads with stories and tasks, whether they are assigned to the security engineer or to a different person.Must-have Required Skills/Qualifications/KnowledgeExperience: 3+ years in operational cybersecurity, ideally in a SecOps roleExperience in pen testing or secure code review (e.g., OWASP Top 10).Familiarity with MITRE ATT&CK, threat modeling, and red/blue team collaborationTechnical experience or affinity in one or more of the following areas: patching and hardening, network protocols, endpoint protection, user management in (Azure) AD Intune etcUnderstanding of cloud computing technologies, and emerging computing trendsStrong attention to detailSolid understanding of Windows & Linux operating systems with a proved experience is preferredSystematic, organised, structured, open to learn, and curious for new security trendsUnderstanding of Agile principlesYou speak at least one of the national languages, and you are fluent in EnglishYou are a team player who is humble, pro-active and people-smart