Security engineer

Within WUR, the responsibility for security lies with all Multidisciplinary Teams (MDTs). Together with your colleagues, you ensure that our infrastructure remains secure, scalable and manageable. Together with colleagues in the MDTs, you ensure a sharp detection ability and the ability to respond quickly and adequately to security incidents. It is your drive to mitigate security risks for WUR in the IT field, to eliminate security blind spots, to increase the monitoring and responsiveness of IT colleagues and to minimize the impact of security incidents. In addition to an operational role as a security analyst, you will mainly build and improve. You look at the entire landscape, identify technical gaps in security and detection, and independently come up with concrete plans and implementations to close them.

Our environment uses Kubernetes with Helm and ArgoCD, and Opensearch as SIEM with various log sources. These log sources are connected via log forwarders such as Vector and Logstash and are accessed via Kafka. In addition, we use multiple in-house developed Python solutions for detection and handling. You'll be the one connecting log sources, building and maintaining mappings for the log sources, and helping to implement detections and automation. You do this from a good understanding of the architecture of our landscape. Development skills are indispensable here.

In addition, you have an overview of the total security architecture. You can advise other teams on improvements, new measures and best practices, and help to firmly embed security in our infrastructure. You have strong communication skills and work easily with colleagues inside and outside your own team.

Your tasks and responsibilities as a security engineer are:

• Designing, developing and maintaining our logging and SIEM platform.
• Onboarding and managing our log flows.
• Design and management of the necessary tooling.
• Developing Python code for detection and handling.
• Increasing our detection capabilities and accelerating incident handling through the use of automation and AI.
• Advising on security strategies, tooling choices and long-term solutions, and converting this into concrete solutions.
• Security incident analysis and response. Together with your fellow security analysts, you are the first point of contact for the SOC/SIEM service. Together with your colleagues, you are on standby for security incidents in a fixed schedule (once every 4 weeks). You will receive an extra allowance for this. You are also part of the CERT and have an active role in the SURF SCIRT.

In short: you are the engineer who not only thinks about detection and prevention, but also actually builds and implements solutions.

Your team
You will be part of the MDT IT Security Services, a small and expert team that, together with the other MDTs, monitors WUR's IT security. It currently consists of four security analysts and our IT Security Officer. The team is responsible for detection and initiating the handling of security incidents through our own SIEM. In addition, the team has a directing role in organization-wide security issues and ensures that our security policy is applied consistently and future-proof.

Your role in this is mainly to technically strengthen our security by building, automating and improving.

You are an independent and eager to learn IT professional with a DevOps mindset. You have a clear vision of security and the ability to translate it into concrete solutions. You can switch between a helicopter view to provide overview and structure and in-depth technical knowledge and skills for the right level of detail in the execution. You like to work together with other professionals and different stakeholders in an agile environment. You are a connector and dare to speak out and ask questions. You are a real go-getter, have strong communication skills and have a warm heart for education and research. In addition, you are analytically minded but also solution- and customer-oriented. You are enterprising and have the drive and organizational talent to get things done as a driving force. You are creative and always look for new solutions to make existing environments more effective and new functionalities possible. You also know how to inspire others in this.

You also have:

• Demonstrable HBO working and thinking level;
• Strong engineering and development skills (Python, Kubernetes);
• Experience in setting up and maintaining SIEM solutions (preferably Opensearch/Elasticsearch);
• Experience with log source integration and mapping;
• Broad knowledge of IT infrastructures (on-premise, cloud and hybrid environments);
• Knowledge and experience in the IT security field. In possession of relevant certificates or the willingness to obtain them (such as CEH);
• Ability to maintain an overview of architecture and translate it into technical solutions;
• Communication skills to advise and take colleagues and other teams with you;
• The working language within the team is Dutch, but in our international working environment, more and more communication is in English. We therefore expect a good command of Dutch and English.

You can see that there are plenty of challenges for you. These challenges can also be seen as development opportunities. So if you do not yet have the track record required in the vacancy, but do have solid work experience and the right mindset, we would also like to invite you to apply.

You will work here
Our IT teams work according to agile principles. Collaboration, communication, transparency and continuous feedback are essential. The team works on campus at least two days a week and can choose to work from home the other days, for good focus and a healthy work-life balance.

Wageningen University & Research offers excellent terms of employment. A few highlights from our Collective Labour Agreement include:

• working hours that can be discussed and arranged so that they allow for the best possible work-life balance;
• sabbatical leave, study leave, and partially paid parental leave;
• there is a strong focus on vitality and you can make use of the sports facilities available on campus for a small fee;
• a fixed year-end bonus of 8,3%;
• excellent pension scheme.

In addition to these first-rate employee benefits, you will of course receive a good salary. We offer, depending on your experience, a competitive gross salary of between €3.399 and €6.228 for a full-time working week of 36 hours, in accordance with the CLA Wageningen Research (scale 10/11). Additionally, For this role a contract for 32 hours can be discussed. First, we offer a one-year contract with the intention of converting it into a permanent contract.

Wageningen University & Research offers plenty of opportunities for growth and development, with a strong internal recruitment policy and excellent training programmes.

You will work on the greenest and most innovative campus in the Netherlands, in an international and open working environment. For 20 consecutive years, we have been voted the "best university" in the Netherlands! A place to be proud of.

The mission of Wageningen University & Research is ‘To explore the potential of nature to improve the quality of life’.

We pursue this mission through a synergistic approach between Wageningen University and Wageningen Research Foundation (applied research). Our research focuses on questions within the domains of food, living environment, and society. With approximately 30 locations, 7,700 staff members, 2,500 PhD candidates, and over 13,000 students, Wageningen University & Research is among the world’s leading knowledge institutions in its domain. The integral approach to challenges and the collaboration across various disciplines form the core of the unique Wageningen approach.

Read the 5 reasons why your future colleagues enjoy working at WUR.

We will recruit for the vacancy ourselves and do not appreciate unasked for services from recruitment agencies. However, sharing in your network is appreciated.