Information Security Engineer

EVS Broadcasting
Liège, Belgium
5 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English, French
Experience level
Intermediate

Job location

Liège, Belgium

Tech stack

Microsoft Access
Software System Penetration Testing
Business Process Modeling
CompTIA Security+
Computer Security
Identity and Access Management
Network Security
Microsoft Security Essentials
Microsoft Office
Network Segmentation
Security Information and Event Management
Software Vulnerability Management
EndPointSecurity
Microsoft InTune
Microsoft Sentinel
Fortinet
CIS Benchmarks

Job description

In this hands-on role, you'll drive operational cybersecurity: vulnerability management, security monitoring, incident response support, security assessments, and ongoing improvement of our controls. You'll work closely with Infrastructure and Workplace teams to strengthen our security posture and help execute the security roadmap.

EVS is an NIS2 Essential Entity under Belgian law, currently working toward ISO/IEC 27001:2022 certification (target: April 2027). You'll play a direct role in this programme : implementing controls, producing evidence, and ensuring audit readiness across the IT Corporate perimeter., As part of the IT Security team, the Information Security Engineer will contribute to the following activities:

Security Operations & Monitoring

  • Monitor and investigate alerts across multiple platforms
  • Take part in incident response efforts and help coordinate investigations
  • Help refine and tune detection capabilities and monitoring use cases
  • Support the development and upkeep of operational procedures and playbooks
  • Conduct operational reviews and related follow-up work

Vulnerability & Exposure Management

  • Organize scanning activities and ensure findings are reviewed and prioritized appropriately
  • Liaise with infrastructure, platform, application and support teams on remediation actions
  • Track remediation progress and escalate overdue items when needed
  • Arrange external penetration tests and other assessments
  • Ensure findings from these engagements are documented, tracked, and resolved

Security Assessments & Risk Management

  • Assess applications, services and technical solutions from a security standpoint
  • Contribute to risk evaluations for new projects, technologies and providers
  • Examine configurations and flag areas for improvement
  • Help identify and manage risks across the IT environment

Security Governance & Reporting

  • Maintain and track operational KPIs and dashboards
  • Assist with reporting on vulnerabilities, incidents, posture and remediation efforts
  • Participate in periodic access reviews, including privileged accounts and controls
  • Support compliance efforts and implementation of requirements under ISO/IEC 27001:2022 and NIS2
  • Produce and maintain auditable evidence of control operation in line with ISO 27001:2022 (logs, reports, review records, remediation closure evidence)

Improvement & Automation

  • Spot opportunities to strengthen controls and streamline processes
  • Contribute to automation initiatives that reduce manual effort
  • Make use of available tooling - including built-in analytics and automation features - to enhance detection quality and efficiency
  • Keep documentation and procedures up to date

Collaboration & Advisory

  • Offer guidance to IT teams and project stakeholders
  • Partner with Infrastructure and Workplace teams to strengthen overall posture
  • Champion best practices and support awareness initiatives
  • Keep up with emerging threats, vulnerabilities and industry trends

Requirements

  • Minimum 3 years in cybersecurity, security operations, vulnerability management, or a related technical security role
  • Background in security monitoring, incident handling, or vulnerability management
  • Practical exposure to security tools and operational processes

Technical Knowledge

  • Solid grasp of security monitoring and incident response principles
  • Knowledge of vulnerability management processes and risk-based remediation prioritization - combining CVSS scores with asset criticality, exploitability context, and compensating controls
  • Hands-on experience with the Microsoft Defender XDR suite: Defender for Endpoint (EDR), Defender for Office 365 / Exchange Online Protection, Defender for Identity
  • Exposure to Microsoft Sentinel (SIEM/SOAR) or an equivalent platform - deployment experience is a strong asset
  • Grasp of Entra ID governance: Conditional Access, Identity Protection, Privileged Identity Management (PIM)
  • Working knowledge of Microsoft Intune (MDM, endpoint compliance policies) and Microsoft Purview (DLP, compliance)
  • Command of network security fundamentals: firewall management (Palo Alto / FortiGate), log forwarding, network segmentation principles
  • Awareness of common frameworks and industry best practices (ISO/IEC 27001, NIST CSF, CIS Controls)

Personal Skills

  • Strong analytical and problem-solving mindset
  • Organized, structured, and detail-oriented
  • Able to work independently while collaborating effectively across teams
  • Curious, with a drive to keep learning new technologies and trends
  • Proactive, with a continuous-improvement mindset
  • Strong communication and coordination abilities
  • Team player with a practical, solution-oriented approach

Languages

  • Fluent in French (working language of the IT team)
  • Professional English required - all security tooling, vendor documentation, and ISO/IEC 27001 programme materials are in English

Certifications (Nice to Have)

  • SC-200 - Microsoft Security Operations Analyst (strongly preferred given the EVS tooling stack)
  • SC-300 - Microsoft Identity and Access Administrator
  • CompTIA Security+ or CySA+
  • ISO/IEC 27001 Lead Implementer or Lead Auditor - a strong differentiator in the current certification programme context

Benefits & conditions

Becoming part of the EVS team means receiving a competitive salary aligned with your skills and market standards, along with a wide range of wellness and healthcare benefits.

Our flexible schedules and hybrid working policies help support work-life balance. EVS also provides opportunities for career growth, internal mobility, and a broad range of training programs. You will join a friendly, lively, and inclusive environment that values motivation and ambition.

Apply for this position