Senior Detection Engineer / Threat Detection Lead

Freelancer Opportunity

Job title: Senior Detection Engineer / Threat Detection Lead

Job location: Brussels, Hybrid, 2 days/week

Job sector: Financial Services / Critical Infrastructure

Level: Senior / Lead (NL, EN, FR), leading people & projects

Job duration: 2026-08-01 to 2027-02-28

Job weekly hours: 40 hrs./week

Job salary range: 95 to 100 euros an hour

About the Role

We are looking for an experienced security professional to lead our threat detection capabilities. This is a hands-on role with real ownership: you will design detections that actually catch attackers, drive our threat hunting programme, and be a go-to person for continuous security improvement. You will also have the opportunity to contribute to the broader security community and help build a team around you.

What You Will Do

• Design, build, and maintain detection rules across SIEM and XDR platforms, with full lifecycle ownership from use case to retirement

• Conduct gap analyses against threat actor TTPs (MITRE ATT&CK) to identify coverage blind spots

• Participate in and lead incident response efforts, including containment, investigation, and remediation

• Run purple team exercises and breach & attack simulations to validate detection coverage

• Build and maintain a Detection-as-Code framework with CI/CD pipelines and version control

• Develop and execute threat hunting hypotheses based on threat intelligence and new attack research

• Translate threat intelligence feeds and reports into actionable detections

• Support red team, TIBER, and DORA testing as the blue team counterpart

• Contribute to incident response plan development and tabletop exercises

• Share knowledge internally and represent the company in relevant industry groups (ISACs, CSIRTs, working groups)

What We Are Looking For

• Several years of hands-on experience in detection engineering, SOC, or CSIRT roles

• Deep familiarity with SIEM platforms (Sentinel, Splunk, QRadar, or similar)

• Experience building and running SOAR playbooks and automation pipelines

• Solid understanding of attacker TTPs and how to operationalize threat intelligence

• Experience with forensics, threat hunting, and incident handling at L2/L3 level

• Ability to lead a team or a functional working group

• Active participation in the security community is a strong differentiator

• Trilingual candidate (NL, EN, FR).

Nice to Have

• Experience in Government, defense, financial sector environments or critical infrastructure

• Familiarity with OT/ICS security

• Python scripting for automation and tooling

• Involvement in inter-CSIRT coordination or security coalitions

• Certifications: Microsoft Security, Threat Hunting, Threat intel, CISM, CISSP

Why This Role

This role is built for someone who has grown from SOC analyst to detection leader, who reads detection engineering reports for fun, and who thinks in terms of attacker behavior rather than just alert rules. If you have run a CSIRT team at a major bank, contributed to a national cyber coalition, and spoken at FIRST, this is the kind of work you will find worth showing up for.

Apply now and start your journey with Team Possible! We want to get to know you.

After your application, we will verify your profile and get back to you within 3

working days.

If you’re successful, you can expect the following steps:

An initial conversation with our recruiter - Swati Kumari

Interview with the Hiring Manager and the team.

Final decision

About Proximus

We are Team Possible turning tech into opportunities.

We are driven by four core pillars: "I care," "I make a difference," "I radically simplify," and "I embrace the future". This means you'll join a team that genuinely cares for customers and colleagues, is empowered to make a real impact, strives to radically simplify complex challenges, and is always looking ahead to embrace the future of technology. We believe in an inclusive and safe environment where everyone can thrive, offering extensive career development resources, including access to over 5,000 training modules and a minimum of 5 days of training per year, to help you continuously learn, grow, and tackle bold challenges with us.