2nd Line Security Event Analyst (NATO-NCIA)

Mons, Belgium, Sapienza Consulting [AAS-C001919]

Field(s) of expertise
Software Engineering Information Technology
Job type

About this job

Sapienza Consulting, a tpgroup company, is recruiting a 2nd Line Security Event Analyst to join NATO – NCIA in Mons, Wallonia, Belgium.


  • Conduct detailed investigation and research of security events within NATO Cyber Security Centre (NCSC) team
  • Analyse firewall, IDS, anti-virus and other sensor-produced system security events and present findings
  • Provide detailed technical reports in support of incidents and capability improvements
  • Share security event/incident information with stakeholders via presentations and technical reports
  • Appropriately leverage the comprehensive extended toolset (e.g. Log Collection, Intrusion Detection, Packet Capture, VA, Network Devices etc.) to identify malicious activity
  • Be able to recommend improvements to enable enhancing investigations
  • Propose possible optimisations and enhancements which help to maintain and improve NATO’s Cyber Security posture
  • Implement and support threat hunting activities; create use cases and technical reports when requested
  • Analyse intelligence information gathered from internal and external threat intelligence resources
  • Identify security gaps in NATO infrastructure and develop custom content utilising available toolset
  • Provide expert investigative support of large scale and complex security incidents.
  • Develop and maintain SOAR playbooks


  • Required Security Clearance: NATO Secret
  • A university degree from a nationally recognised/certified University in a technical subject with substantial Information Technology (IT) content and 4 years of specific experience
  • Exceptionally, the lack of a university degree may be compensated by the demonstration of a candidate’s particular abilities or experience that is/are of interest to NCI Agency; that is, at least 7 years of extensive and progressive expertise in the duties related to the function of the post
  • Candidates must be eligible to work in the EU
  • For information on how we process the personal data in your application, please see the Sapienza Privacy Statement.

For information on how the personal data in your application is processed, please see the Sapienza Consulting Privacy Policy.