About the role
Join the CISO Cybersecurity Center of Excellence for our client and help protect critical infrastructure across IT, IoT, and OT environments. We're looking for passionate cybersecurity professionals who can strengthen incident response, penetration testing, and vulnerability management capabilities. Depending on your background you may focus on:
* Incident response & threat detection (CSIRT)
* Offensive security & penetration testing (Pentester)
* Vulnerability management & remediation coordination (Technical Vulnerability Manager)
You will work closely with internal teams and external partners to enhance cyber resilience and drive continuous improvement.
Key responsibilities
Depending on your specialization, you may:
Incident Response & Threat Hunting
* Detect, investigate and respond to advanced security incidents (level 3/4).
* Conduct digital forensics and malware analysis.
* Create and maintain SIEM use cases, playbooks and automated responses.
* Collaborate with SOC and threat intelligence teams.
Penetration Testing & Red Teaming
* Execute controlled penetration tests on networks, applications and cloud environments.
* Identify exploitable vulnerabilities and provide remediation guidance.
* Participate in red/blue/purple team exercises and adversary emulation.
* Develop custom tooling and automation for testing.
Vulnerability Management
* Administer and manage the ServiceNow Vulnerability Response (VR) module and CMDB integrations.
* Prioritize and coordinate remediation with application and infrastructure owners.
* Evaluate false positives and exception requests, track SLA compliance and lifecycle metrics.
* Improve VR workflows, dashboards and automation; align with patch/change processes.
Required skills & experience
* Bachelor's degree in Computer Science, Information Security or equivalent experience.
* 3–10 years in cybersecurity with a focus in incident response, pentesting or vulnerability management.
* Strong understanding of networking, Windows/Linux systems, cloud platforms (AWS/Azure/GCP) and container ecosystems.
* Hands-on with tools such as SIEM (e.g., Sentinel), EDR, Burp Suite, Nmap, Metasploit, Nessus, Wireshark.
* Scripting experience (Python, Bash, PowerShell).
* Knowledge of OWASP Top 10, MITRE ATT&CK and secure coding principles.
* Experience with ServiceNow VR and vulnerability scanning is a strong plus (for the Vulnerability Manager stream).
* Excellent analytical skills and problem-solving mindset.
* Strong communicator — able to present technical findings to both technical and non-technical stakeholders.
* Customer-oriented and organization-sensitive approach; high discretion handling sensitive data.
Qualifications & other requirements
* Relevant certifications desirable (examples: OSCP, GPEN, GCIH, GCFA, GREM, GWAPT, ServiceNow VR).
* Fluent in English and Dutch or French (spoken & written).
* Mandatory 2 days/week onsite in Brussels, including Thursday.
* Willingness to participate in on-call rotas or incident-duty schedules as needed.