Cyber Security Analist

Position:

Robeco is looking for a Cyber Security Analyst to strengthen our cyber resilience. You have a strong focus on external cyber threats and think and act as an ‘outsider’. You provide actual and relevant insights in Robeco’s cyber threats and developments to other security experts and (senior) management. You are using and optimizing Robeco’s SOC/SIEM/SIEMaaS services. 

Continuity and Stability:

The Digital Policy and Resilience department (DP&R) is responsible for providing policies for optimal use of data & technology and ensuring operational resilience. This includes cyber security and business continuity of Robeco’ s data processing and IT environment. For this environment, Robeco makes use of different types of outsourcing, including external data centres and several SaaS and PaaS cloud solutions. In the highly regulated financial services industry, expectations of clients, regulators and other stakeholders related to cyber security are increasing and cyber threats are continuously evolving. The Cyber Security Analyst works closely together with other IT and security specialists, especially the Security Office, Security and solution Architects and Information Security Assurance Officers.

Key responsibilities:

As a Cyber Security Analyst, your key responsibilities are:

• Cyber threat analysis and risk assessments
• Writing intelligence reports to technical and security specialist and (senior) management
• Knowledge sharing with external threat analysts
• Translating cyber threats into Robeco business risks
• Coordination of root-cause analysis of severe security incidents
• In-depth analysis of attack MOs
• Anticipating on market and industry security developments
• Defining and reviewing use cases for Robeco’s SOC/SIEM
• Sharing threat intel and knowledge within Robeco, ORIX and the Financial Sector
• Continuous improvement of Robeco’s cyber security processes
• Executing Hunting cycles based on threats and related hypotheses.

Knowledge and skills:

You have a higher technical professional or university education, 5-10 years' experience in the area of information security, with at least 2 years as cyber analyst, preferable within the financial sector. You are pragmatic and able to work with different types of management styles. You are a critical and creative thinker with strong analytical and investigative skills.

You also have:

• Knowledge of the latest cyber security developments
• Knowledge and experience with SIEM (Azure Sentinel) and big data
• Experience with multi-sourced IT-environments
• Experience with security risk reporting to (senior) management
• Ability to communicate effectively with management, professionals and suppliers, and to maintain sustainable and effective professional relationships, especially within the security community.
• Excellent spoken and written communication skills in both Dutch and English
• Enterprising and creative skills to seek solutions for complex issues
• Technical skills like KQL (Kusto query language), PowerShell, Python, Azure and Azure Sentinel are preferred.

Specific knowledge and skills:

• Familiarity with cyber intelligence gathering and analysis including OSINT and HUMINT
• Relevant professional security certification, such as CISSP, CEH, CISA, or similar