L3 SOC Analyst & Detection Engineer - Cyber Defense ...
Job description
- Advanced Incident Response: Lead investigations into complex and high-severity cybersecurity incidents (L3 escalations).
- Detection Engineering: Design, test, and maintain SIEM/EDR/XDR detection use cases and correlation rules (Sentinel, Splunk, Defender).
- Threat Hunting: Proactively search for attackers using threat intelligence and the MITRE ATT&CK framework.
- Forensic Investigation: Conduct in-depth root cause analysis and malware analysis.
- Continuous Improvement: Optimize SOC playbooks and automation via KQL scripting and Purple Teaming exercises.
- Mentorship: Guide and coach L1 and L2 analysts to increase the overall maturity of the team.
About the role
Are you a driven cybersecurity expert with a passion for threat hunting and detection engineering? At Randstad Digital, we are looking for an experienced L3 SOC Analyst to play a crucial role in protecting financial stability at a national level. In this challenging role, you will handle complex incident response, develop advanced detection logic in Microsoft Sentinel and Splunk, and contribute directly to national security by proactively eliminating threats.
Requirements
- Location: Hybrid (Brussels Region / Remote)
- Experience: 8+ years in IT Security (including at least 6 years as a SOC Analyst/Incident Responder)
- Education: Master's or Bachelor's degree in Computer Science, Cybersecurity, or equivalent through experience.
- Technical Expertise: Deep experience with Microsoft Sentinel, Microsoft Defender XDR, and Splunk.
- Skills: Strong proficiency in KQL scripting and experience with Linux Red Hat and Windows Server environments.
- Methodology: Thorough knowledge of the MITRE ATT&CK framework and Purple Teaming.
- Soft Skills: Analytical, autonomous, proactive, and a strong team player.
- Languages: Fluent in Dutch OR French, combined with professional proficiency in English.
- Integrity: Willingness to undergo a security screening by the Federal Police.