Mission Overview:
We are seeking an experienced Technical Team Lead for our CSIRT team. This position represents a consultancy mission at a client site through Keystone Solutions, where you will lead a growing team of security engineers, coordinate incident response, and develop technical detection and mitigation strategies. You will be responsible for triage, forensic investigation, root-cause analysis, and improving playbooks and automation. Additionally, you will be co-responsible for the security of our systems by designing and implementing adequate monitoring controls.
Responsibilities:
- Design, implement, and maintain a CSIRT infrastructure, including SIEM, SOAR, CTI environment, etc.
- Automate and script tasks using Python.
- Set up and utilize open-source tooling.
- Lead the CSIRT team in planning, prioritization, and ensuring sufficient knowledge within the team.
- Report on the performance of the CSIRT team, including providing sufficient KPIs.
- Analyze logs and support incident investigations, including reporting.
- Draft and maintain technical documentation.
- Collaborate with team members and stakeholders; support in escalations and change activities.
- Track and analyze vulnerabilities.
- Follow up and analyze CTI.
Required Skills and Experience:
- Minimum 7+ years of experience in a similar role, with in-depth knowledge of encryption, security operations, compliance, vulnerability management, mobile applications, bug bounty programs, blue team expertise, incident response, and forensic capabilities.
- Proven knowledge and experience in highly regulated environments regarding security and compliance.
- In-depth knowledge of implementing and managing security operations tools and SIEM systems, particularly Splunk Enterprise Security.
- Experience securing mobile applications on iOS and Android platforms.
- Experience tracking the latest vulnerabilities and assessing their impact.
- Proven experience with incident response procedures, forensic techniques, and malware analysis.
- Knowledge of relevant regulations and standards in information security.
- Good knowledge of Enterprise Linux and one or more scripting languages (Python, PowerShell, ...).
- Excellent problem-solving skills and strong analytical abilities.
- Good communication skills and the ability to effectively communicate with stakeholders at all levels.
- A passion for continuous learning and improvement, and the willingness to stay updated on the latest developments in the field.
- Willingness to work full-time on-site in Brussels (easily accessible by public transport and free underground parking).
- Languages: Dutch and/or French and English (fluent in spoken and written).
- Belgian nationality and a valid security clearance (National, NATO & EU), at least level SECRET.
Preferred Qualifications:
- Certifications such as OSCP, GCIH, GCIA, GNFA, CISSP, CISM.
- Knowledge of security frameworks and best practices (MITRE ATT&CK, NIST, ...).
- Experience with change management and ITIL processes.
Personal Attributes:
- Problem-solving and analytical skills.
- Practical and hands-on approach.
- Strong communicator and team-oriented.
- Meticulous in documentation and configuration management.
If you are ready to tackle technical and strategic challenges in a dynamic consultancy environment, apply today.
Duration: As soon as possible - 31/12/2026, 7 months (full time)
Skills required:
- Monitoring SLA / KPI - Level: Expert - Most recent: Any time
- Open Source - Level: Expert - Most recent: Any time
- Python - Level: Expert - Most recent: Any time
- SIEM - Level: Expert - Most recent: Any time
Language requirements:
- Dutch or French - Level: Active knowledge
- English - Level: Active knowledge