Freelance: Incident Response Analyst – Cyber Defence

Posted 01 October 2025
Salary Competitive
Location Brussels
Job type Contract
Discipline Cyber Security
Reference 75098
Remote working Hybrid/Flexible

Job description

As an Incident Response Analyst, you will play a key role in detecting, investigating, and responding to security incidents, performing digital forensics, and conducting proactive threat-hunting activities.


Key Responsibilities

Incident Response & Forensics

  • Drive the handling of security incidents, assigning response actions and tracking execution.

  • For major incidents, coordinate ad-hoc response teams to contain, mitigate, and restore services.

  • Perform digital forensic investigations (with a focus on Windows environments).

  • Develop and maintain incident response playbooks and runbooks.

Threat Hunting & Intelligence

  • Proactively hunt for compromises based on threat intelligence and attack indicators.

  • Perform deep-dive investigations using CTI and frameworks such as MITRE ATT&CK.

  • Collect, analyse, and operationalise cyber threat intelligence into actionable insights.

Security Monitoring & Analysis

  • Work with SIEM solutions (Splunk, QRadar, ELK) and IDS/IPS platforms (Snort, Suricata, Zeek) to investigate alerts and anomalies.

  • Conduct network and protocol analysis using tools like tcpdump, Wireshark, Argus, SiLK.

  • Support continuous improvement of monitoring rules and detection capabilities.

Automation & Engineering

  • Develop scripts and automation tools (Python, Perl, Ruby) to accelerate investigation workflows.

  • Use Unix/Linux command-line utilities (sed, awk, grep) for log and data analysis.

  • Contribute to strengthening security monitoring infrastructure and incident response tooling.


Required Skills & Experience

  • Strong knowledge of IT security technologies (secure networking, system security, perimeter defence, web infrastructure).

  • Experience in incident management within a SOC, CSIRT, or cyber defence environment.

  • Proficiency with logging, monitoring, intrusion detection, and SIEM platforms.

  • Practical knowledge of IDS/IPS, NetFlow, and packet analysis tools.

  • Hands-on experience in digital forensics, particularly on Windows systems.

  • Scripting/programming experience (Python, Perl, Ruby).

  • Familiarity with text manipulation and log analysis (sed, awk, grep).


Soft Skills

  • Analytical mindset with strong attention to detail while keeping the bigger picture in view.

  • Ability to work under pressure in emergency situations.

  • Strong communicator and team player.

  • Proactive, autonomous, and eager to share knowledge.

  • High level of integrity and commitment to continuous improvement.