Information Security Engineer - Freelance

Collective.work
Liège

Soumettre votre candidature

Détails de l'emploi

Temps plein | Freelance/Indépendant
550 € par jour
Il y a 1 jour

Qualifications

Français
Microsoft Access
Anglais
Microsoft Office
Sécurité des informations
Firewall
Réponse aux incidents
SIEM
Cyber-sécurité
Intune
Sécurité des réseaux

Description complète du poste

Job description

Taux journalier (TJM): 550

An international technology company operating in the media sector is looking for an Information Security Engineer to join the IT Security team within the corporate IT department. The role focuses on operational cybersecurity activities, vulnerability management, security monitoring, incident response support, security assessments, and continuous improvement of security controls.

This is a hands-on role combining technical expertise, operational follow-up, coordination, and continuous improvement. The position is part of a structured cybersecurity and compliance programme in the context of NIS2 obligations under Belgian law and the implementation of ISO/IEC 27001:2022 certification, with a target of April 2027. The consultant/employee will contribute directly to control implementation, evidence production, and audit readiness across the corporate IT perimeter.

Practical information

Location: Seraing (Liège), Belgium
Contract type: open to freelance consultant or permanent employee, depending on profile
Start date: as soon as possible
Remote work: hybrid model with 2 days per week remote and 3 days on site
Travel: no travel required
Reporting line: CyberSec Operations Manager
Working language: French for day-to-day team interactions, with professional English required for documentation, tools, and international stakeholders
Team context: the IT Security team is being structured and scaled, in a build environment rather than a steady-state operation

Main responsibilities

Security Operations & Monitoring

Monitor and investigate security alerts across multiple security platforms
Participate in incident response activities and support the coordination of security investigations
Improve and tune detection capabilities and monitoring use cases
Support the development and maintenance of operational security procedures and playbooks
Perform operational security reviews and follow-up activities

Vulnerability & Exposure Management

Coordinate vulnerability scanning activities and ensure findings are reviewed and prioritized
Follow up remediation actions with infrastructure, platform, application, and support teams
Track remediation progress and escalate overdue actions when required
Coordinate external penetration tests and security assessments
Ensure findings from assessments and pentests are documented, tracked, and remediated

Security Assessments & Risk Management

Perform security reviews of applications, services, and technical solutions
Contribute to risk assessments for new projects, technologies, and providers
Review security configurations and identify improvement opportunities
Support the identification and management of security risks across the IT environment

Security Governance & Reporting

Maintain and monitor operational security KPIs and dashboards
Support reporting related to vulnerabilities, incidents, security posture, and remediation efforts
Participate in periodic reviews of user access, privileged accounts, and security controls
Contribute to compliance activities and implementation of security requirements related to ISO/IEC 27001:2022 and NIS2
Produce and maintain auditable evidence of security control operations, including logs, reports, review records, and remediation closure evidence

Security Improvement & Automation

Identify opportunities to improve security controls and operational processes
Contribute to automation initiatives to reduce manual activities
Leverage available security tooling capabilities, including built-in analytics and automation features, to improve detection quality and reduce manual effort
Maintain security documentation, processes, and operational procedures

Collaboration & Security Advisory

Provide security guidance and support to IT teams and project stakeholders
Work closely with Infrastructure and Workplace teams to improve overall security posture
Promote security best practices and support awareness initiatives
Stay informed about emerging threats, vulnerabilities, and cybersecurity trends

Expected deliverables

Security alert monitoring and investigation follow-up
Incident response support and investigation coordination
Vulnerability tracking and remediation follow-up
Security reviews, risk assessment contributions, and assessment follow-up
Operational security KPIs, dashboards, and reporting
Auditable evidence for control operation and ISO/IEC 27001:2022 readiness
Updated security procedures, playbooks, documentation, and process improvements

Compétences / Qualités indispensables: Security operations & monitoring,Vulnerability management,Incident response,Microsoft Defender XDR & Sentinel,Entra ID security governance,French and professional English Compétences / Qualités qui seraient un +: SC-200, SC-300, CompTIA Security+ or CySA+, ISO/IEC 27001 Lead Implementer or Lead Auditor

Requirements

Profile required

Experience

Minimum 3 years of experience in cybersecurity, security operations, vulnerability management, or a related technical security role
Experience in security monitoring, incident handling, or vulnerability management
Experience working with security tools and operational security processes

Technical knowledge

Understanding of security monitoring and incident response principles
Knowledge of vulnerability management processes and risk-based remediation prioritization, including CVSS scores, asset criticality, exploitability context, and compensating controls
Hands-on experience with Microsoft Defender XDR suite: Defender for Endpoint, Defender for Office 365 / Exchange Online Protection, and Defender for Identity
Familiarity with Microsoft Sentinel or an equivalent SIEM platform; deployment experience is a strong asset
Understanding of Entra ID governance, including Conditional Access, Identity Protection, and Privileged Identity Management (PIM)
Familiarity with Microsoft Intune and Microsoft Purview
Understanding of network security fundamentals, including firewall management with Palo Alto or FortiGate, log forwarding, and network segmentation principles
Familiarity with security frameworks and best practices such as ISO/IEC 27001, NIST CSF, and CIS Controls

Personal skills

Strong analytical and problem-solving mindset
Organized, structured, and detail-oriented
Ability to work independently while collaborating effectively with different teams
Curious, proactive, and willing to continuously learn new technologies and security trends
Strong communication and coordination skills
Practical and solution-oriented team player

Languages

Fluent French
Professional English required

Nice to have certifications

SC-200 — Microsoft Security Operations Analyst
SC-300 — Microsoft Identity and Access Administrator
CompTIA Security+ or CySA+
ISO/IEC 27001 Lead Implementer or Lead Auditor

Soumettre votre candidature

Job description

Requirements

Outils pour les chercheurs d'emploi

Outils Employeurs

Parcourir

Garder le contact