#NC26CSG187146 - Threat Hunting Analyst - Closed
Deadline: April 30, 2026
Requester: NATO
Location: Mons, Belgium
Job type: Contractor
Start date: June, 2026
Security clearance: NATO SECRET
SCOPE OF WORK / DUTIES / ROLES
-
Prioritize, plan and execute threat hunts;
-
Can work independently, as well as part of the team;
-
Highlight improvements on the detection and prevention methods (IDS, SIEM content for correlation, modification of security settings, etc…);
-
Pro -active engagement with the Cyber Community internal to NATO;
-
Monthly reporting on approved KPIs;
-
Creation/maintenance of Standard Operating Procedures (SOPs) to support all aspects of their role;
-
Monthly reporting to both the Customer and Business Stake Holders;
-
Assist NCSC, when required, in support to Cyber Incident Analysis and Response;
-
Production of high quality hypotheses and detection use cases documented in the centralized knowledge base of NCSC;
-
Advise on, test and implement Data Analysis, Artificial Intelligence and Machine Learning technologies to augment and improve existing NCSC process;
-
Improvement of NCSC processes for receiving, searching, analysing, and storing cyber threat data;
-
Regular, at least monthly, Knowledge Transfer meetings with appropriate stakeholders, focusing on:
REQUIRED SKILLS, KNOWLEDGE AND EXPERIENCE
- Significant demonstrable experience in Cyber Security related environment;
- Excellent analytical and hypothetical thinking;
- Experience in liaising at both the technical and managerial level, the incumbent must have excellent written and spoken communication skills;
- Experience in producing accurate and meaningful reports, both technical and managerial, on activities related to Cyber Security;
- Able to organize and lead;
- Able to work as part of a team and under direction of a higher authority;
- Strong collaboration and interpersonal skills;
- Pattern Recognition/Deductive Reasoning;
- Highly Desirable to have one or more advanced professional SANS (500/600/700) certifications (e.g., GCIA, GCFA, GNFA, GREM,…) or with the same level of quality;
- Demonstrable self-learning capability on complex technical subjects;
- Knowledge and practice of Data Analytics, Data Mining, Data Enrichment, Artificial Intelligence and connected concepts such as Large Language Models, Retrieval Augmented Generation, Machine Learning;
- A good understanding in at least three of these areas:
- Network Based Intrusion Detection Systems (NIDS), Host Based Intrusion Detection Systems (HIDS), Network security appliances and networking devices and associated management software. A variety of Security Event generating sources at network and host level (e.g. Firewalls, IDS, Routers, Security Appliances, …);
- Computer Forensics Tools (stand alone, online and network);
- Computer Security Tools (Vulnerability Assessment, Anti-Virus, Anti-Spyware, etc.);
- Network protocols;
- Scripting languages (PowerShell/Python/…).
- Ability to effectively manage own workload in a high tempo environment to Time, Quality and Standards;
- Ability to effectively communicate technical solutions to various audiences, both technical and non-technical;
- Be self-motivated and driven;
- Ability to work in an International environment embedded in the Customer's location in mainland Europe (Belgium).
This position is now closed.
We regularly add new positions. We suggest exploring other available opportunities and staying updated by following our LinkedIn page.
If you don’t find any suitable opportunities, you can send us your CV, as an open application. However, we will not submit you to any vacancies without your written consent.