Incident Response

Role Description

As an Incident Response and Cyber Threat Intelligence (CTI) Analyst, your primary mission is to collect, analyze, and disseminate actionable intelligence on IT threats, vulnerabilities, and attacks targeting the information and communication systems of Proximus Group and its customers. You will play a dual role: proactively monitoring and reporting on the threat landscape, and actively participating in the incident response lifecycle to ensure rapid, effective mitigation of security incidents.

Responsibilities:

Threat Intelligence:

• Collect, analyze, and synthesize information from both open (OSINT) and closed sources to identify emerging threats and vulnerabilities.
• Extract relevant intelligence from large data volumes, produce clear reports with actionable recommendations, and distribute them to appropriate teams.
• Maintain strong relationships with cybersecurity communities and private organizations.
• Collaborate closely with the Incident Response Team, Vulnerability Management Team and the SOC to provide real-time intelligence and technical support during ongoing incidents.

Incident Response:

• Actively participate in all phases of the incident response process, including detection, analysis, containment, eradication, recovery, and post-incident review.
• Integrate new findings from incident investigations into the intelligence lifecycle for further analysis and continuous improvement.
• Contribute to root cause analysis, help develop and implement mitigation and remediation strategies, and document incident timelines and actions taken.
• Develop and maintain incident response playbooks and procedures, embedding threat intelligence into every stage of the response workflow.

Collaboration & Communication:

• Work actively with security teams, the Cyber Defense Center, and other stakeholders to improve monitoring use cases and bring context to ongoing incidents.
• Represent CSIRT in meetings with customers and third parties to share the latest threat intelligence and incident response insights.
• Support the blue team during red team exercises and contribute to the development and delivery of up-to-date training scenarios.

Reporting & Program Development:

• Produce strategic, operational, and technical reports on trending threats and significant incidents.
• Contribute to the ongoing development and maturity of the CTI and Incident Response programs within Proximus.

Profile

Qualifications

• Bachelor's degree in Computer Science, Information Security, or equivalent combination of education and experience.
• At least 1 year of experience in a cybersecurity environment or 2 years in IT with a strong interest in cybersecurity.
• Demonstrated analytical skills, with the ability to connect security incidents and write clear, actionable reports.
• Strong problem-solving mentality, initiative, and a keen interest in CTI and incident response.
• Discretion in handling confidential information and strong personal organization.
• Excellent communication and service-oriented mindset; team player who enjoys a positive group atmosphere.
• Fluent in English (oral and written); French/Dutch is a plus.

Desired Experience (Optional)

• Solid understanding of internet topology and essential services.
• Good knowledge of MS Windows, network technologies, and basic familiarity with Unix, Linux, BSD, OSX, or mobile variants.
• Basic knowledge of firewalls, protection technologies, and log analysis.
• Experience in hands-on incident response, including triage, investigation, and remediation of security incidents.
• Familiarity with incident response frameworks (e.g., NIST, SANS) and best practices.
• Experience with OSINT tools, MISP, and cybersecurity certifications.

Strengths

• Strong knowledge and experience in Cyber Threat Intelligence, Incident Response, or Cybersecurity.
• Ability to work under pressure during security incidents and communicate effectively with both technical and non-technical stakeholders.

Additional Requirements

• Applicants must enjoy full rights as Belgian citizens or have been living for 10 years in Belgium to be considered for this role.