Domain Lead CSIRT

As the CISRT Domain Lead, you leverage your experience to safeguarding the organizations digital assets by leading the response to cybersecurity incidents and ensuring that the team operates efficiently and effectively. 

• As a mentor, play a pivotal role in guiding, supporting, and transferring your knowledge and experience to the CSIRT Team in their day-to-day operations;

• As an authority, develop, implement, operate, maintain and improve (PDCA -cycle), the Security Incident Management Process, according to industry standards and legal requirements.

• As an enabler, train and execute the Security Incident Management Response Plans, ensuring that information security incidents are prevented, contained and reported according to organization's cybersecurity strategy.

• As a leader, act as cyber- and information security champion in your domain and influence the company security culture in a positive (best-in-class) manner

• As a colleague, collaborate in the CSIRT team as a primus inter pares

KEY ACTIVITIES

Develop and maintain the Security Incident Management Processes and Services

• Develop and maintain a repeatable, mature and consistent Security Incident Response process based on industry standards and aligned to national and international regulations;

• Determine & document the best intelligence gathering, prevention, detection and response strategies for different type of attack scenarios

• Sets quality standards for tasks and outcomes within the CSIRT team

• Collaborate with other CISO Domain Leads and Enterprise Architecture

• Coach and steer the CSIRT team where necessary

• Support in selecting new CSIRT team members with the right qualifications, knowledge and skills.

Improve and Maintain the Security Incident Response Process

• Maintain and improve the CSIRT team capabilities and services, with the CSIRT Team Lead

• Propose action plans to improve the maturity of the CSIRT Process to the CSIRT Team Lead and CISO and assist in implementing the action plans.

• Influence decisions about budgets and priorities with business and IT leadership such that security initiatives are included in the roadmaps.

• Propose improvements on how to make the Security Incident Response more efficient and consistent through tooling;

• Maintain all aspect of the lifecycle management of these capabilities and services

Third Party support definition and monitoring

• Support in defining the sourcing strategy

• Defining the requirements for third party support, drafting the Request for Proposals and evaluation criteria and following up the purchasing process from start to finish, including the implementation of the tooling or service, and monitoring the quality in terms of service levels and expectations.

Domain Expertise alignment across Cyber Security Domains

• Strong collaboration with other Leads of the CISO Team to enable synergies

• Help colleagues within the CISO office and SNCB to get a better understanding of information security threats.

• Knowledge level Master or equivalent through experience

• Relevant work experience of 10 years

• In-depth knowledge of cyber security and risk management

• In-depth knowledge of toolset for cyber security and risk management

• Knowledge of legislation and regulations regarding own domain

Our offer
Within our open corporate culture, you contribute to the digital transformation of SNCB. You will have a job with social impact and ample opportunity to make your own contribution. In addition to a good work-life balance and a competitive salary, you will receive the following benefits:

• the possibility to work remotely + flexible working hours;

• 35 days of leave;

• a company car + a public transport season ticket;

• a target bonus;

• a comprehensive insurance package (affiliation without own contribution, excl. outpatient costs for family members);

  • hospitalisation and dental care for the whole family;

  • outpatient costs (= medical costs separate from hospitalisation);

  • group insurance: supplementary pension, work disability and death (cafeteria plan);

  • accidents at work (extralegal);

• meal vouchers and eco-vouchers;

• net allowances for remote working and carwash + internet budget.