Senior Incident Response Engineer

It all starts with the mission: NVISO is here to protect European society from potentially devastating cyber attacks! This means we offer cyber security services to private and governmental organizations to help them better prepare for, prevent, detect and respond to cyber security incidents.

All of this is built on four fundamental values that define who we are: We are Proud, We Break Barriers, We Care and No BS!

As a Senior Incident Response Engineer, you will combine hands-on incident response with advanced security operations engineering. You will contribute more independently to investigations, bring stronger technical depth to detection and response improvements, and proactively help evolve operational workflows and automation.

This role is designed for someone with 3–4 years of relevant experience, who is willing to commute to province of Luxembourg three times per week, and who is ready to take the next step in terms of technical maturity and impact.

Typical tasks include, but are not limited to:

• Investigating and responding to security incidents across endpoint, network, identity, and cloud environments, including more involved cases with broader attacker activity;
• Contributing proactively to containment, eradication, and recovery efforts, and communicating clearly with stakeholders throughout the incident lifecycle;
• Engineering and improving detection logic, playbooks, log integrations, and response procedures based on threat intelligence, incident learnings, and customer requirements;
• Driving automation initiatives that reduce manual effort, improve response speed, and increase the quality and repeatability of SOC and IR processes;
• Contributing to threat hunting, readiness assessments, and continuous improvement efforts with a stronger technical contribution..

• 3–4 years of experience in incident response, SOC engineering, detection engineering, or a related blue team role;
• Solid hands-on experience with incident handling, investigative analysis, and response activities in enterprise environments;
• A good understanding of attacker tactics, techniques, and procedures, and the ability to translate these into practical detection and response improvements;
• Practical experience with SIEM and security monitoring technologies, including detection engineering, log onboarding, tuning, and use case development;
• Broad knowledge of forensics and investigative concepts across host, network, and cloud environments, without requiring deep specialization in digital forensics;
• Demonstrated interest or experience in automation, scripting, or workflow improvement within security operations or incident response;
• Strong analytical and communication skills, with the ability to work independently, prioritize effectively, and contribute in a structured and proactive way;
• Excellent English communication skills, both verbal and written.

At NVISO, we care. We are committed to offering you a highly competitive remuneration package including financial and non-financial components:

• A training budget of 10.000€ and 10 days every 2 years
• Company car and Belgian charging card
• Working and learning from the best people in the European cyber security industry. We have multiple SANS Instructors working at NVISO, our staff has presented at popular hacking conferences (BlackHat, BruCON, OWASP, etc) and all of our technical staff can acquire deep technical security certifications (GSE, GXPN, GREM, GCFA, OSCP, etc)
• An entrepreneurial and agile working environment, where you will be challenged, stimulated and supported in driving new initiatives (either through internal innovation or by improving our service offering), without losing sight of having fun!
• Regular team-building and fun events throughout the year;
• Our commitment to coach and counsel you and help you grow; each employee receives a personal coach within the team, whose role is to ensure your well-being and helps you grow in your career!
• Flexible working hours, working from home and even the possibility to work from abroad;
• Flex Income Plan
• 32 paid leave days

IF YOU’RE INTERESTED, PLEASE SEND US YOUR APPLICATION!

WE’RE LOOKING FORWARD TO MEETING YOU!

Disclaimer on the Use of AI Tools in the Application Process

Please be aware that the creation and submission of application documents (e.g. CV, cover letter, case studies, etc.) using AI-powered tools is only permitted to a limited extent.

Our expectations:

Application documents must authentically reflect your own qualifications, personality, and motivation.

The use of AI for supportive purposes (e.g. spell-checking, improving wording) is acceptable.

Fully generated application documents created by AI without personal adaptation or review are not permitted.

Under no circumstances may NVISO information, data, or documents be uploaded to or processed by external AI tools.

We reserve the right to exclude applications from the selection and interview process that are clearly created primarily or exclusively by AI and show no recognizable personal input.

The purpose of this policy is to ensure a fair and transparent recruitment process and to obtain an authentic impression of our applicants.