Job description
First-Line SOC Analyst (Freelance)
Location: On-site — Brussels
Contract Type: Freelance / Independent Contractor
Eligibility: EU Nationality required
Start: ASAP
Role Overview
We are looking for a hands-on First-Line SOC Analyst to join our cybersecurity operations in Brussels. You will be working in a dynamic SOC environment where ~50–60% of your time will be dedicated to first-level alert monitoring, analysis, and escalation. The remaining time will involve supporting SOC improvements through use-case development, scripting, automation, reporting, and collaboration with the wider CSIRT function.
Key Responsibilities
-
Perform initial alert triage, investigation, and escalation within the SOC
-
Monitor and analyze logs and security events using Splunk
-
Work within TheHive for incident case management
-
Contribute to SOC tuning, use-case development, and detection improvements
-
Support automation workflows (e.g., Tines) when needed
-
Assist in reporting and knowledge base updates
-
Remain proactive on emerging threats, IOCs, and adversary techniques
Required Skills & Experience
-
~6 years total in IT, with ~3 years in cybersecurity
-
Solid experience with SIEM (preferably Splunk)
-
Familiarity with incident management platforms (e.g., TheHive)
-
Ability to script for automation (PowerShell / Python / Bash)
-
Basic understanding of EDR tools (e.g., Bitdefender Gravity)
-
Knowledge of digital forensics fundamentals, especially Windows environment
-
Cybersecurity certification + incident response or digital forensics certification (GCFA, GCFE, ECIH, OffSec IR-200, etc.)
-
English at C1 level
