Incident Response and SOC Analyst (EU Secret)

Sopra Steria offers tailored, end-to-end corporate technology and software solutions to help clients make bold choices and deliver results. Successfully so! With more than 56.000 colleagues in 30 countries, we rank as Europe’s leading digital solutions provider. Some of the most successful companies in Europe rely on our technology due to our commitment to innovation, collaboration, and value in business development.  

The world is how we shape it. Let’s shape it together. 

The role supports the Cyber Security Operations Centre for the EU critical infrastructure, aiming to strengthen IT security through advanced monitoring, detection, and incident response services.

Main Responsibilities

• Define incident handling procedures, automation requirements, and playbook logic aligned with the needs.

• Prepare incident response workflows, automated enrichment steps, and technical documentation for standardized alert handling.

• Handle cybersecurity incidents from detection through escalation, containment, and resolution.

• Develop and maintain XSOAR playbooks, integrations, and automations across platforms such as Splunk, AWS, Azure Sentinel, Carbon Black Cloud, and Sysdig.

• Coordinate and review playbook updates, incident reports, and cross-team collaboration.

• Report key performance metrics, including FPTP rate, MTTH, escalation rate, automation coverage, time saved, and error reductions.

• Assist training analysts on playbook usage and incident response methods.

• Collaborate with CSIRC, CATCH analysts, infrastructure teams, and external stakeholders to validate playbook coverage and share threat intelligence.

Required Skills & Expertise

• Strong incident response methodology and hands-on experience in end-to-end incident handling in multinational settings.

• Advanced knowledge of XSOAR playbook creation and automation.

• Proficiency in designing and adapting automated workflows and enrichment.

• Python programming skills.

• Ability to present technical and business information effectively to diverse EC stakeholders.

• High standards for incident documentation, KPI reporting, and compliance with security frameworks.

• Familiarity with cloud-native services (AWS, Azure), EDR, SIEM-SOAR platforms, and container security.

• Excellent communication skills for working in multicultural teams and liaising with technical and non-technical audiences.

• Certifications or experience in relevant security technologies (e.g., Palo Alto Cortex XSOAR, Splunk, Microsoft SC-200, AWS Security Specialty).

Required Education

• Level 6 European Qualification Framework (Bachelor's degree or higher) for senior profiles.

Soft Skills

• Ability to work in international, multicultural environments.

• Rapid self-starting, teamwork, and multitasking on large projects.

• Language proficiency: English (B2), French or German a plus.

• High discretion and integrity.

Working Conditions

• Contract duration: approx. 880 days, starting Dec 1, 2025.

• On-site service delivery in Brussels, Belgium; partial remote work may be authorized.

• EU Secret Clearance Required or PSCIS

• Provided with IT equipment; must comply with security procedures.

Do you picture yourself in a fast-growing, vibrant team at the cutting edge of software implementation? Does working with international clients across multiple industries sound exciting? Then you’re in the right place. 

We offer a generous employee benefits package that includes: 

• A variety of perks, such as mobility options (including a company car), insurance coverage, meal vouchers, eco-cheques, and more. 
• Continuous learning opportunities through the Sopra Steria Academy to support your career development. 
• The opportunity to connect with fellow Sopra Steria colleagues at various team events. 

People are the cornerstone of our success. That’s why we aspire to be bolder together. Our goal is to build high-functioning teams and healthy team environments that inspire and help each other to deliver excellence for each of our customers.  

Excited about this job opportunity? Ready to shape the world with us? Great! We are looking forward to your application! 

Want to know what happens next?  

The recruitment process typically begins with the first step, where the recruiter screens candidates based on their qualifications and fit for the role. This is followed by the second step, where candidates undergo more in-depth evaluations, including technical assessments hiring manager or client to assess both technical skills and team compatibility. The third step involves the company reviewing feedback and aligning on a potential offer. Finally, in the final step, the candidate receives a formal job offer.  

______

Sopra Steria is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, ancestry, nationality, color, family or medical leave, gender identity or expression, genetic information, immigration status, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran or military status, race, ethnicity, religion, gender (including pregnancy), sexual orientation or any other characteristic protected by applicable local laws, regulations and ordinances. We foster a work environment that is inclusive and respectful of all differences.