Davinsi Labs

Senior Security Analytics Engineer

Antwerp, Flanders, BE


Summary

Who are we?

In today’s digital world, organizations need to shift their approach to cyber security. Prevention alone is no longer sufficient: there is an ever-growing need for rapid detection and response capabilities. Organizations look to trusted strategic partners for the expertise and know-how to fully unburden them in the domain of detection and response. That’s where we come in. We offer MDR as a value service to a multitude of customers across different verticals, all equally exciting.

Based in Belgium and the Netherlands, we are committed to helping companies navigate the digital era and make data-driven decisions. We serve clients in the top 200 across the Benelux, spanning a wide range of fascinating and diverse sectors.

At Davinsi Labs, we love to inspire each other, collaborate closely, and pursue excellence together. We are building a workplace where fulfillment and happiness take center stage.


Your mission: what can you expect from the job?

You will be a part of our MSP teams focusing on Managed Detection & Response (MDR) services. Your primary objective as an engineer will be to continuously enhance our platform, data, threat detection and threat response capabilities across different complex customer environments and offer our customers ‘the comfort of knowing’. Your expertise and performance will directly impact the experience of our valued clients. The applicable technologies are the following:

  • Splunk Enterprise & Splunk Enterprise Security
  • Palo Alto XSOAR
  • Microsoft Sentinel
  • Microsoft Defender XDR


Key Responsibilities:

  • Research: Researching new methods to find malicious behaviour in customer environments, simulating them and translating the outcome into actionable detection.
  • Best practice frameworks: Creating and continuously improving detection use cases, rules, and analytics. You also map these use cases to best-practice frameworks such as MITRE ATT&CK.
  • Detection rule lifecycle management: Development, activation and fine-tuning of detection rules for customers. Maintaining the entire library in a version control system (Git) and simulating heat maps for customers to analyse detection coverage and gaps.
  • Incident Response and Detection: Testing detection capabilities by simulating attacks in a lab environment. Validating detection capabilities on live customer environments and collaborating with the Incident Response teams to identify next steps, investigation, and response playbooks.
  • Data management & monitoring: Development, activation & maintenance of functionalities like data parsing, data routing, data masking, data normalisation, data monitoring, etc. Our DMM library also needs to be maintained in our version control system.
  • Platform lifecycle management: The availability of data and detection rules can only be ensured if the threat detection platform is designed, developed and operated properly. Managing, monitoring and optimizing the platform is key to ensuring its reliability, scalability, and performance. The team implements best practices and industry standards to enhance the security and integrity of our customer data platforms.
  • Documentation: Develop high-quality documentation to establish repeatable and reproducible processes, ensuring consistency across all teams.
  • Serving as a subject matter expert: Providing guidance and support to internal teams, clients and vendors on the technical aspects of the products used in our MDR offering. Continuously staying up to date with the latest advancements and trends in these ecosystems.


Hello, is it me you're looking for?

  • You are passionate about IT security and technology, and have a few years of professional experience in the field.
  • You have a strong background in computer science, computer engineering, or IT security (a degree is an asset).
  • You have an affinity with threat detection platforms such as SIEM technologies (Splunk, Sentinel, Elastic Stack, etc.) and/or XDR technologies (Microsoft Defender XDR, Palo Alto Cortex XDR, etc.).
  • You have related experience with security incident response, including knowledge about SOAR platforms like Palo Alto XSOAR.
  • You have experience with any of the following: Git, JIRA, GitHub, Public cloud, Python v3, JavaScript.
  • You have knowledge of modern security controls (NGFW, EDR, XDR, ...) and cloud security controls.
  • You communicate in Dutch and English (both written and oral). French is an asset.
  • You are a great communicator and enjoy working in close contact with the customer and internal teams, acting as a trusted advisor operationalising threat detections and response.
  • You are a problem-solver with an analytical mind. As a team player with a positive attitude, you are always ready to challenge and to be challenged.


What we offer

You come to us for the job, but you stay for the people.

They are the backbone of our organization, and that's reflected in the rewards we offer:

  • An attractive salary package: An absolute must to bring out the best in you.
  • The opportunity to make a difference in a challenging, digital world: We offer an environment where you can learn and provide you with the tools to invest in yourself and become the best version of your (professional) self!
  • A challenging work environment and an inspiring team: In our high-performing and dynamic teams, your initiative is valued, and you're accepted for who you are. Your uniqueness excites us.
  • A great vibe in a cozy office in Berchem: We love food, drinks, and laughter! We work hard and play even harder. We celebrate teamwork, organize quarterly team events, and during breaks you can enjoy a game of pool, darts, or table tennis with your colleagues.
