Threat Hunter
Are you passionate about making a real impact in the world of cyber security? Are you ready to be in the front line as a Threat Hunter for a NATO project?
About this job
Nixu, a DNV Company, is recruiting a Cyber Threat Hunter to work in the service delivery team at NATO SHAPE / NCIA. While the assignment and day-to-day work will be based in Mons, Belgium, the employment contract will be issued in one of our following locations: Finland, Sweden, Denmark or the Netherlands. You will need to be eligible for employment under the labor laws of these countries, and have the willingness to relocate to Belgium until end of 2025.
We are looking for an expert to work in a team delivering a continuous Threat Hunting – service for NATO Cyber Security Center (NCSC). The NATO Cyber Security Center (NCSC) is a team of over 200 members working to monitor and protect NATO networks. The NCSC´s role is to deliver robust security services to the NATO Enterprise and NATO Allied Operations and Mission (AOM). The center executes a portfolio of programs and projects around 219 MEUR per year to uplift and enhance critical cyber security services.
THE NCSC is responsible for defending NATO networks on a 24/7 basis and to proactively look for signs of malicious activities by threat hunting. The threat hunting activities encompass searches in existing security log sources based on threat intelligence hypothesis, anomaly detection and more general assessments. As a Threat Hunter you will work daily with NATO Cyber Threat Intelligence, SOC and the Cyber Threat Investigation Team.
We are looking for a Threat Hunter with a solid background in cyber security
A university degree in Information Security, Cybersecurity, Computer Science or a related field is desirable. A minimum of 3 years of professional experience in tasks related to providing cyber defense services is required.
We are looking for someone with a high level of experience in the following:
- Experience in analyzing Threat Intel reports and creating threat hunting hypothesis and queries based on those.
- Knowledge and experience in analysis of incidents, attack patterns and tactics, techniques, and procedures (TTPs).
- Experience supporting incident response and deeply familiar with common incident response procedures, processes, and tools.
- Experience with threat hunting, including deep knowledge of operating systems and Windows internals.
- Strong knowledge of malware families and network attack vectors.
- Knowledge of the MITRE ATT&CK framework.
- Knowledge of threat hunting with EDR-tools.
- Experience in writing Splunk queries using SPL.
- Experience in analyzing Sysmon events.
You have a strong ability to write technical reports in English, and an attention to detail and a high level of accuracy to maintain precision in all tasks and reports.
It is considered an advantage if you understand network forensics including common network protocols and how those are used in adversary operations. Applied knowledge of a variety of adversary command and control methods and protocols is desirable as well as the ability to produce contextual attack models applied to a scenario.
This job requires teamwork and experience in working in Threat Intelligence team is seen as an advantage. Also, previous experience in working for or supporting a military or governmental organization is seen as a big plus.
Specific working conditions
Due to the nature of the job, you will be working on-site at the customer´s premises in Mons, Belgium using tools provided by the customer. You will work in a normal office environment mainly with standard working hours with the exception of supporting possible major cyber incidents or du to urgent operational needs where non-standard working hours will be required.
This position requires passing the NATO SECRET security clearance.
Be one of us
We have recently embarked on an exciting journey – formerly known as Nixu, now combined forces with DNV and Applied Risk, with the goal of creating a leading European cyber security services business.
As DNV Cyber, we are passionate about cyber security and take pride in the way we are impacting the society we live in. We encourage you to excel professionally through knowledge sharing and demanding cases. At DNV Cyber, you'll have 500 colleagues who share an interest in cyber security with you.
At DNV Cyber, you will have the opportunity to work on a variety of cases and customers from various industries. You will be working in an international environment with global opportunities to advance in your career. With us, you will be surrounded by the most talented people in the cyber security field. We encourage you to keep challenging yourself by exploring new areas of expertise.
Join us on an exciting adventure of growth, meaningful work, and shaping the future through cyber security!
Apply now!
We are waiting for your application! To apply please create a profile in our recruitment system and attach you CV, cover letter and salary expectations.
Need more information?
If you have any questions regarding this position, please reach out to the hiring manager Antti Niemelä at antti.niemela[at]dnv.com.
A security background check will be a part of the recruitment process.
- Business unit
- Engineering
- Locations
- Amsterdam, Espoo, Herlev, Stockholm
About Nixu
Nixu, a DNV company, is a trusted cyber security services partner that has been shaping the future through cyber security for over three decades. We help our customers ensure business resilience with peace of mind, enabled by some of the best cyber security professionals in Europe.
DNV is an independent assurance and risk management provider, operating in more than 100 countries, with the purpose of safeguarding life, property, and the environment. As a trusted voice for many of the world’s most successful organizations, we help seize opportunities and tackle the risks arising from global transformations. We use our broad experience and deep expertise to advance safety and sustainable performance, set industry standards, and inspire and invent solutions.
DNV, Nixu, and Applied Risk – an industrial cyber security specialist acquired by DNV in 2021 – are joining forces to create a leading cyber security services business. Together, we will be known as DNV Cyber. A 500-strong expert team will safeguard demanding IT and industrial control system environments and build business resilience across multiple industries.
Threat Hunter
Are you passionate about making a real impact in the world of cyber security? Are you ready to be in the front line as a Threat Hunter for a NATO project?
Loading application form
Already working at Nixu?
Let’s recruit together and find your next colleague.