Will you help us keep our energy system secure and future-proof? Enexis is at the heart of the energy transition and, as a regional grid operator, is a crucial part of the critical infrastructure in the Netherlands. That makes our digital environment interesting for attackers - and challenging for you as a Cyber Defense Specialist.
We are building a Next Generation Security Operations Center: a SOC driven by technology, automation and continuous improvement. Not a security "assembly line", but a smart combination of:
- Analysis (reactive) - responding quickly and effectively to signals and incidents
- Threat hunting (proactive) - actively searching for threats
- Detection engineering (improvement) - making our detections smarter every day
with the team and its members at the heart of our operations. Our core principles: risk-driven operations and minimizing manual work.
How you'll tackle this challenge

As a Senior Cyber Defense Specialist, you are one of the driving forces in our tier-less SOC. You are a creative problem solver with a strong security engineering mindset. Your motto is: "work smarter, not harder".
- You have experience with:
  - Threat Intelligence and hunting:
    - Creating threat landscape insights that are relevant for Enexis.
    - Translating new and known threats into concrete actions and improvements.
    - Developing hunting hypotheses and performing advanced hunts.
  - Detection Engineering:
    - Designing, building and maintaining (use case lifecycle management) advanced detection rules focused on APTs.
    - Developing scripts, integrations and automations to improve detection and data analysis.
  - Incident Triage and Response:
    - Performing in-depth investigations and response activities (containment, eradication, recovery).
    - Preparing the entire SOC team through trainings and exercises.
    - Ensuring knowledge transfer and continuous improvement of response processes.
You focus on 2 or 3 of the areas below:
- Taking the lead in complex or critical security incidents.
- Designing, implementing and improving threat hunting, incident response and detection engineering activities. This means you:
  - Have a clear understanding of the environment (business processes, digital landscape, chain dependencies), enabling you to accurately assess the impact of threats.
  - Know advanced attack techniques (TTPs) and how to counter them with smart detection engineering and targeted hunts.
  - Not only build detection logic, but also ensure our detection library is kept up to date, that we regularly test our detection logic, and adjust it where needed.
- Building and maintaining automation (SOAR) and integrations to reduce manual work.
In addition, you support the team by:
- Developing an in-depth understanding of our infrastructure and our attack surface.
- Participating in our stand-by shifts, contributing to our 24/7 resilience by performing.
- Working closely with IT, OT SOC and security teams to sustainably mitigate risks and embed lessons learned.
- Coaching colleagues within the SOC and promoting knowledge sharing and a culture of continuous improvement.
- Keeping up with developments in the security domain and translating them into concrete improvements of our SOC capabilities.