Senior Cyber Defense Specialist
Protect critical infrastructure in a tierless Next Gen SOC. As a Senior Cyber Defense Specialist you lead threat hunting, detection engineering and incident response to boost Enexis' digital resilience.
What are you going to do? With your energy, anything is possible
Will you help us keep our energy system secure and future-proof? Enexis is at the heart of the energy transition and, as a regional grid operator, is a crucial part of the critical infrastructure in the Netherlands. That makes our digital environment interesting for attackers - and challenging for you as a Cyber Defense Specialist.
We are building a Next Generation Security Operations Center: a SOC driven by technology, automation and continuous improvement. Not a security "assembly line", but a smart combination of:
- Analysis (reactive) - responding quickly and effectively to signals and incidents
- Threat hunting (proactive) - actively searching for threats
- Detection engineering (improvement) - making our detections smarter every day
with the team and its members at the heart of our operations. Our core principles: risk-driven operations and minimizing manual work.
How you'll tackle this challenge
As a Senior Cyber Defense Specialist, you are one of the driving forces in our tier-less SOC. You are a creative problem solver with a strong security engineering mindset. Your motto is: "work smarter, not harder".
- You have experience with:
  - Threat Intelligence and hunting:
    - Creating threat landscape insights that are relevant for Enexis.
    - Translating new and known threats into concrete actions and improvements.
    - Developing hunting hypotheses and performing advanced hunts.
  - Detection Engineering:
    - Designing, building and maintaining (use case lifecycle management) advanced detection rules focused on APTs.
    - Developing scripts, integrations and automations to improve detection and data analysis.
  - Incident Triage and Response:
    - Performing in-depth investigations and response activities (containment, eradication, recovery).
    - Preparing the entire SOC team through trainings and exercises.
    - Ensuring knowledge transfer and continuous improvement of response processes.
You focus on 2 or 3 of the areas below:
- Taking the lead in complex or critical security incidents.
- Designing, implementing and improving threat hunting, incident response and detection engineering activities. This means you:
  - Have a clear understanding of the environment (business processes, digital landscape, chain dependencies), enabling you to accurately assess the impact of threats.
  - Know advanced attack techniques (TTPs) and how to counter them with smart detection engineering and targeted hunts.
  - Not only build detection logic, but also ensure our detection library is kept up to date, that we regularly test our detection logic, and adjust it where needed.
- Building and maintaining automation (SOAR) and integrations to reduce manual work.
In addition, you support the team by:
- Developing an in-depth understanding of our infrastructure and our attack surface.
- Participating in our stand-by shifts, contributing to our 24/7 resilience by performing.
- Working closely with IT, OT SOC and security teams to sustainably mitigate risks and embed lessons learned.
- Coaching colleagues within the SOC and promoting knowledge sharing and a culture of continuous improvement.
- Keeping up with developments in the security domain and translating them into concrete improvements of our SOC capabilities.
- Extensive experience in cyber defense, including threat hunting and incident response in a (preferably tierless) SOC, CERT, CSIRT or similar security role.
- Strong scripting/coding skills (for example Python, PowerShell or similar) for integrations, log processing and automation.
- Strong communication skills - you can clearly report incidents and findings to both technical and non-technical audiences.
- A strong focus on collaboration and the ability to coach others.
- Solid analytical skills - you recognize patterns and anomalies in large volumes of data.
- Decisiveness - you remain calm and effective during (potential) cyber incidents.
- Affinity with, or experience in, OT/industrial environments is an advantage.
Your colleagues from the SOC team. Together with your fellow cyber defense specialists and the SOC lead, you form a close-knit team. You will work closely not only with colleagues from the IT SOC but also the OT SOC. You will work on site in Weert for 2 days a week; when needed, you will also work from Den Bosch. Of course, it is also possible to work from home.
What do you get from us? And we also invest in you
At Enexis, you work at the forefront of one of the greatest challenges of our time. This begins with a comprehensive welcome package and program to get to know your colleagues, along with excellent working conditions:
• Salary between €5,592 and €7,989 gross per month (based on a 40-hour work week). Including secondary benefits, your salary can increase up to €10,282 gross per month.
• Contribution of 70% to your ABP pension scheme.
• Personal budget of 10% and a 13th month of 10.7% of your gross annual salary.
• 24.5 vacation days with options to purchase additional days.
• Opportunities to work from home, including a furnished workspace and reimbursement.
• Laptop, tablet, and phone for personal use.
• Travel allowance and a first-class public transport subscription.
• Wellness budget of € 700 for a gym membership, for instance.
• Opportunities to grow with our internal development platform or external courses.
Work as a Senior Cyber Defense Specialist on the energy network of tomorrow
Good to know
• After your application, you'll receive an email with more information about the procedure, which typically includes multiple interviews.
• Screening is part of the application procedure. More information will be provided during the procedure.
- Employment conditions
- Housing information