Cybersecurity Analyst
Sogeti
About the role
Below is a summary in English of the “Senior SOC Analyst” vacancy at Sogeti, including the main tasks, requirements and benefits.
Senior SOC Analyst – Sogeti (Netherlands)
About the role
- Location & environment: Work in Sogeti’s Security Operations Center (SOC) as part of the Value Delivery Center (VDC). The SOC operates 24/7, delivering Managed Detection & Response (MDR) services to critical‑sector clients (government, healthcare, energy).
- Technology stack: Microsoft Sentinel, Microsoft Defender, Azure Cloud Platform, Sogeti Smart Workspace (SSW).
- Team culture: Collaborative, innovation‑driven, strong focus on knowledge sharing and continuous improvement.
Core responsibilities
| Area | What you’ll do |
|---|---|
| Technical leadership | Design, implement, and continuously improve the SIEM solution (Microsoft Sentinel). Keep detection & response capabilities aligned with the latest threat trends while balancing cost‑efficiency. |
| Tier‑3 analyst | Act as the go‑to expert for complex incidents. Mentor junior analysts, ensure knowledge transfer, and support the stand‑by rotation. |
| Process & governance | Work closely with the Manager SecOps and SME SecOps to refine SOC processes (ITIL‑based), drive automation, and enhance service quality. |
| Threat intelligence & hunting | Contribute to threat‑intel feeds, develop hunting queries, and help shape proactive detection rules. |
| Cross‑functional collaboration | Partner with cloud, networking, and endpoint teams to ensure end‑to‑end security coverage. |
Required background & skills
| Category | Required / Preferred |
|---|---|
| Education | HBO or WO degree in IT / Cybersecurity |
| Certifications | CCSP (mandatory), SC‑900, AZ‑900, SC‑200, MS‑102, MS‑500 (optional but a plus) |
| SOC experience | Proven experience setting up, maintaining, or working inside a SOC |
| Tools | Strong hands‑on experience with Microsoft Sentinel & Microsoft Defender |
| Networking | Good understanding of TCP/IP, DNS, HTTP |
| Security domains | Endpoint & cloud security, basic DFIR knowledge |
| Threat intel / hunting | Knowledge is a plus |
| Process | Familiarity with ITIL and process management |
What Sogeti offers
- Impactful work on mission‑critical security solutions for government, healthcare, and energy sectors.
- 24/7 SOC team where you’ll see the direct results of your actions.
- Career development: Dedicated Career Manager, extensive training & certification budget (cybersecurity & cloud).
- Hybrid working with flexibility to align work with personal life.
- Work‑life perks: Ability to swap public holidays, 26 vacation days (plus the option to buy extra days), pizza evenings, game nights, ski trips, etc.
- Company background: Part of Capgemini, large‑scale, high‑impact IT projects across the Netherlands, strong community‑driven knowledge sharing.
Application contact
- Recruiter: Gihon van Maarsen (Lead Recruiter)
- Phone: 06‑21467490
- Email: gihon.van.maarsen@sogeti.com
“Become Your Best.” – Sogeti encourages you to apply and join a team where you can grow into the best version of yourself.
Next steps (if you decide to apply)
Tailor your CV – Highlight:
- Direct experience with Microsoft Sentinel / Defender.
- Any CCSP or related Microsoft certifications.
- Specific SOC projects (e.g., rule‑creation, incident response playbooks, automation).
- Examples of mentorship or Tier‑3 incident handling.
Write a concise cover letter (≈ 200‑300 words) that:
- Shows your passion for protecting critical infrastructure.
- Connects your past achievements to the responsibilities above.
- Mentions why Sogeti’s hybrid, community‑focused culture appeals to you.
Prepare for the interview – Typical topics:
- Deep‑dive into a recent complex incident you resolved.
- How you would design a detection rule for a novel ransomware technique in Sentinel.
- Your approach to knowledge transfer within a SOC team.
- Understanding of ITIL processes and how you’ve applied them.
Reach out to Gihon (phone or email) if you have any questions about the role, the hiring timeline, or the PES‑screening step mentioned in the posting.
Requirements
- An HBO or WO degree in IT or cybersecurity
- Demonstrable experience setting up, maintaining, or working within a SOC
- Proficient in working with Microsoft Sentinel and Microsoft Defender
- Knowledge of networking (TCP/IP, DNS, HTTP)
- Understanding of endpoint and cloud security
- Familiar with ITIL and process management
Responsibilities
- You play a central role in the architecture, implementation and improvement of our SIEM solutions.
- You make sure our detection and response services stay aligned with the latest threat trends, and you guard the balance between technical innovation and cost efficiency.
- You are the subject-matter point of contact for analysts, safeguard knowledge within the team and provide support on complex incidents.
- You take part in the stand‑by shifts and work closely with the Manager SecOps and SME SecOps to continuously improve the service.