Medior Security Operations Analyst

Your day starts with reviewing the latest alerts in Microsoft Sentinel and Defender XDR. A login attempt from an unusual location catches your eye. You dig in, correlate logs, and confirm it's a phishing attempt. You isolate the account, raise an incident, and work with IT to strengthen MFA rules.

Later, you join a threat hunting session with senior analysts, tuning detection rules and testing new use cases. In the afternoon, you validate new log sources, write documentation for a recent incident, and share insights with the team.

Every day you're learning, not just tools and techniques, but how to think like an attacker and respond like a defender.

Furthermore:

• Monitor & detect: Analyse alerts and events in Microsoft Sentinel and Defender XDR, validate and investigate alerts, and support continuous tuning of detection logic.
• Respond: Support investigations and coordinate response actions, document findings, remediation steps, and lessons learned.
• Hunt & improve: Participate in threat hunting sessions and help fine-tune detection logic and alert quality.
• Analyse: Conduct basic malware and behavioral analysis to support incident investigations, escalating complex cases to senior analysts.
• Support vulnerability management: Review scan results and help coordinate remediation with IT teams.
• Enhance telemetry: Assist in log onboarding and data validation across endpoints and cloud systems.
• Collaborate & grow: Work closely with senior analysts, improve playbooks, and continuously expand your skills.

Your Team

You'll join a young, dynamic SOC team within BAM's IT & Security organisation, reporting into the Security Operations team. The team combines curiosity with expertise, they monitor, analyse, and continuously improve. The atmosphere is open and supportive, colleagues help each other, share knowledge, and celebrate progress together. You'll work hybrid, primarily from Bunnik, with flexibility to work from home and visit project sites when needed.

• A Bachelor's or Master's degree in Cyber Security, Computer Science, Information Security, or a related technical field,
• 2-4 years of experience in a SOC, CSIRT, or similar security monitoring role
• Familiarity with Microsoft Sentinel, Defender XDR, or other SIEM/EDR tools,
• Experience in triaging alerts and understanding incident response workflows,
• Strong analytical and problem-solving mindset, eager to learn and grow,
• Fluent in Dutch (B2 or higher) and English (spoken and written),
• Experience with scripting for automation purposes (e.g. Python, PowerShell, or KQL) is a plus.

Nice-to-have:

• Experience with Microsoft Defender for Endpoint, Identity, or Cloud Apps,
• Some scripting knowledge (KQL, PowerShell, or Python),
• Understanding of MITRE ATT&CK, threat intelligence, or vulnerability management,
• Certifications like SC-200, CompTIA Security+, or equivalent.

• A competitive salary between €4,350 and €5,580 gross per month, based on experience and a 40-hour workweek, plus 8% holiday allowance
• Excellent secondary benefits under the Bouw & Infra collective labour agreement, including a sustainable employability budget (2.18%), 25 vacation days, 15 roster-free days, and 3 short-leave days per year,
• Travel allowance, laptop, and iPhone,
• Unique learning opportunities through our in-house platform BAM Learning, plus Microsoft certifications and external courses,
• Extras like 40% discount on gym memberships, and discounts on private insurance and Microsoft Office. At BAM, you'll grow as a professional, and as part of a team that protects the foundations of society.

Magnet.me - The smart network where students and professionals find their internship or job. The smart network where students and professionals find their internship or job. Log inSign up Koninklijke BAM Groep nv * Construction * * 8,000 employees, At BAM, we design and build the infrastructure that keeps the Netherlands running, from dikes, bridges, and energy networks to hospitals and other public facilities. These are the systems a nation depends on. As a Security Analyst, you help protect that foundation. You'll be part of a modern, Microsoft-native Security Operations Center (SOC), where you detect, investigate, and help contain cyber threats that could disrupt vital infrastructure. Your work directly strengthens the digital and physical resilience of the country. You're not just defending networks, you're defending the future of the Netherlands., BAM Nederland B.V. is part of Royal BAM Group nv, a leading European construction and engineering company active in Building and Property, Infrastructure, and Public-Private Partnerships. Sustainability and innovation are at the heart of everything we do, from design and construction to facility management. We aim to lead the digital transformation of our industry and deliver the highest standards of quality, safety, and sustainability. Koninklijke BAM Groep nv Koninklijke BAM Groep nv ontwerpt, bouwt en onderhoudt gebouwen, woningen, en infrastructuur voor opdrachtgevers in de publieke en private sector. In alles wat we doen, zijn veiligheid, duurzaamheid en innovatie leidend. Na een dag hard werken willen we allemaal veilig naar huis. Daarnaast doen we er alles aan om onze impact op het milieu te beperken. Zo werken we aan het terugdringen van onze CO2-uitstoot. Ook streven we ernaar om ons bouw- en kantoorafval te verminderen én te hergebruiken. Construction Bunnik Active in 3 countries 8,000 employees 80% men - 20% women Average age is 39 years