Senior Cyber Defense Specialist

Will you help us keeping our energy system secure and future-proof? Enexis is at the heart of the energy transition and, as a regional grid operator, is a crucial part of the critical infrastructure in the Netherlands. That makes our digital environment interesting for attackers - and challenging for you as a Cyber Defense Specialist.

We are building a Next Generation Security Operations Center: a SOC driven by technology, automation and continuous improvement. Not a security "assembly line", but a smart combination of:

• Analysis (reactive) - responding quickly and effectively to signals and incidents

• Threat hunting (proactive) - actively searching for threats

• Detection engineering (improvement) - making our detections smarter every day

with the team and its members at the heart of our operations. Our core principles: risk-driven operations and minimizing manual work.

As a Senior Cyber Defense Specialist, you are one of the driving forces in our tier-less SOC. You are a creative problem solver with a strong security engineering mindset. Your motto is: "work smarter, not harder".

• You have experience with:
• Threat Intelligence and hunting:
• Creating threat landscape insights that are relevant for Enexis.
• Translating new and known threats into concrete actions and improvements.
• Developing hunting hypotheses and performing advanced hunts.
• Detection Engineering:
• Designing, building and maintaining (use case lifecycle management) advanced detection rules focused on APTs.
• Developing scripts, integrations and automations to improve detection and data analysis.
• Incident Triage and Response:
• Performing in-depth investigations and response activities (containment, eradication, recovery).
• Preparing the entire SOC team through trainings and exercises.
• Ensuring knowledge transfer and continuous improvement of response processes.

  You focus on 2 or 3 of the areas below:

  • Taking the lead in complex or critical security incidents.

  • Designing, implementing and improving threat hunting, incident response and detection engineering activities. This means you:

  • Have a clear understanding of the environment (business processes, digital landscape, chain dependencies), enabling you to accurately assess the impact of threats.

  • Know advanced attack techniques (TTPs) and how to counter them with smart detection engineering and targeted hunts.

  • Not only build detection logic, but also ensure our detection library is kept up to date, that we regularly test our detection logic, and adjust it where needed.

  • Building and maintaining automation (SOAR) and integrations to reduce manual work.

  In addition, you support the team by:

  • Developing an in-depth understanding of our infrastructure and our attack surface.

  • Participating in our stand-by shifts, contributing to our 24/7 resilience by performing.

  • Working closely with IT, OT SOC and security teams to sustainably mitigate risks and embed lessons learned.

  • Coaching colleagues within the SOC and promoting knowledge sharing and a culture of continuous improvement.

  • Keeping up with developments in the security domain and translating them into concrete improvements of our SOC capabilities.