Job description
Monitoring & Detection Specialist (Freelance)
Location: Primarily Onsite (Hybrid possible depending on project needs) Belgium
Contract Type: Freelance / Contract
Duration: Long-term contract
Role Overview
We are seeking an experienced Security Monitoring & Detection Specialist to support a cybersecurity team responsible for monitoring, detecting, and responding to security threats across complex IT environments.
The consultant will focus on developing and improving detection capabilities within SIEM platforms, analysing security events, and contributing to the overall effectiveness of security monitoring processes.
This role requires strong experience with Splunk and Splunk Enterprise Security, as well as a solid background in security monitoring, detection engineering, and incident investigation.
Key Responsibilities
Security Monitoring & Detection
• Create, develop, and test detection rules and correlation searches in Splunk and Splunk Enterprise Security.
• Customize and tune existing detection rules to align with the organisation’s infrastructure and threat landscape.
• Continuously improve detection logic and reduce false positives in alerts.
• Analyse and investigate security alerts to identify suspicious activity and potential threats.
• Escalate confirmed incidents to the incident response team and support investigation activities.
• Contribute to the implementation of automated monitoring capabilities, including the use of SOAR tools where relevant.
Documentation & Process Support
• Develop and maintain SOC playbooks, operational procedures, and detection documentation.
• Define and maintain log collection requirements and monitoring use cases.
• Ensure security monitoring changes are managed in a structured and controlled manner.
Collaboration & Security Guidance
• Work closely with internal teams to strengthen cybersecurity monitoring and detection capabilities.
• Provide guidance related to endpoint, network, and cloud security monitoring.
• Support continuous improvement of monitoring processes and security operations practices.
Required Skills & Experience
• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).
• Minimum 6 years of professional experience in cybersecurity or IT security.
• Hands-on experience with SIEM platforms, particularly Splunk and Splunk Enterprise Security.
• Experience creating and tuning detection rules and correlation searches.
• Strong understanding of security monitoring, threat detection, and SOC operations.
• Knowledge of identity and access management, endpoint security, and network security concepts.
• Familiarity with Windows and Linux hardening and security monitoring.
• Experience with cloud security environments and tools such as Microsoft Sentinel, Entra ID, Microsoft Defender, and AWS security services (e.g., GuardDuty).
Soft Skills
• Strong analytical and investigative skills.
• Ability to work collaboratively with cross-functional teams.
• Clear documentation and communication skills.
• Ability to operate effectively in structured security operations environments.
Language
Professional proficiency in English is required.