Security Operations Center Engineer

What You’ll Be Doing

You’ll be involved in a wide range of cybersecurity missions, covering operational, technical or tactical activities. Depending on our customers’ needs, you could manage a variety of responsibilities.

We want to maintain an agnostic position in cyber while providing services that meet the specific needs of our customers. That’s why our customers are companies of all sizes and in all industries.

As a SOC Engineer, here’s what your day-to-day might look like:

• Monitoring and analyzing security events using SIEM tools like Opensearch, Elastic, or Microsoft Sentinel.
• Onboarding of new log sources to increase threat coverage
• Creating technical incident response playbooks
• Detection engineering to stay on top of the newest exploits
• Automating security tasks and incident response using an automation Framework and scripting languages (n8n, Javascrypt, Yara, Lua, Python, PowerShell, Bash).
• Applying frameworks like MITRE ATT&CK to analyse threats and improve detection strategies.
• Participating in internal security reviews, audits, and continuous improvement initiatives.
• Keeping you up to date with the latest technologies in the SOC field

What We’re Looking For

We’re looking for someone with a solid technical foundation, a proactive mindset and a passion for Cybersecurity. Here’s what we expect from a SOC engineer:

• You have experience in cybersecurity engineering or a related technical role.
• You communicate fluently in Dutch & English, French is an asset
• You understand how to securely configure systems, networks, and cloud environments.
• You have hands-on experience with SIEMs and incident response platforms.
• You have experience with languages like Go, Python, Ruby or Bash.
• You apply cybersecurity frameworks like MITRE ATT&CK in your daily work.
• You are willing to participate in our standby system
• You have at least a masters degree in computer science, or equivalent practical experience.

The extras we value

• You have experience with SOAR platforms like N8N, Splunk SOAR, …
• You have worked with Threat Intelligence Platforms (TIPs) like MISP or have experience integrating CTI feeds (STIX/TAXII) to enrich detection data
• You have a foundation in software development aligning with industry best practices, like design patterns and testing
• Holding other certifications like CompTIA Security+, CASP, CISSP, … or other vendors’ certifications is a plus.
• You have worked with container security tools (Docker, Kubernetes).
• You have experience working in a scale-up or fast-paced tech environment.

What we offer

• Join a dynamic and recognized company in a booming sector
• Drive ambitious projects from the business needs up to the projects results, leading concrete initiatives while maintaining a holistic view of the project
• Develop your career path and add top-level trainings and certifications to your CV
• As an employee, benefit from an attractive salary package, including a full range of benefits like a company car, competitive insurances, meal vouchers, allowances, 26 days off, up to 2 days homeworking/week, cafetariaplan, …)
• The opportunity to join the wide Approach Cyber & AXS Guard ecosystem and benefit from your colleagues’ strong cyber expertise.
• Fun company events, exclusive team experiences
• Contribute to a safer, fairer world for data subjects and citizens, ensure the serenity of great businesses and essential public institutions
• Live your values daily in a dynamic, fun and multicultural working environment.

Work Location

Your main base? It's our Mechelen office. You'll visit our Mont-Sint-Guibert (Louvain la Neuve), Brussels, or Antwerp locations now and then. Sure, you get to work from home part-time. Still, most of your colleagues choose to come into the office. Why, though? They love the great vibe here.