Sollicitatie URL: 

IT Cyber Threat hunter

Type vacature: Regulier
Job level: MSG4; MSG3
City: Amsterdam
Hours per week: 40
Education: HBO Master/ WO-pre-master; HBO Bachelor; HBO Master; WO Master
Apply before: 22-05-2022




The purpose of this job is to provide cyber­attack counterstrategy for the Group AF KL, Businesses and IT ( SOC / CSIRT teams ) by selecting advanced scenarios for innovative detection of Cyber threats. The cyber threat hunter understands the complex challenges of the cyber adversary ecosystem to enable AF KL stay ahead of hackers in our industry. In dialog with many internal/external stakeholders, with support from data science and use of digital tools he identifies blindspots (vulnerabilities) and digital assets most attracting cyber threats actors. He provides advanced indicators of compromise based on cyber intelligence, defines patterns to detect hackers and give directions and alerts using judgment to form conclusions that challenge conventional approach to prioritize cyber actions. He contributes to optimization of cyber return of investment. He drives communities of practice, culture and mindset to create the optimal cyber protection that generates maximum positive business impact.




What are you going to do?


Cyber intelligence & Risk Management

  • The Cyber Threat Hunter analyses threat intelligence feeds to design risk map of cyber threats
  • Identifies main tactics, techniques and procedures (TTPs) of potential cyber threats
  • Shares with our industry key players/stakeholders to use collective intelligence.
  • Prospects and select scenarii of cyber-attacks applicable to AF KL based on discovery of vulnerabilities
  • Organizes, analyze indicators of compromise from different sources to enhance detection by SOC.
  • Divides between hands-on contributions to cyber defense products, designing features and supporting the Manager of Cyber Threat Hunting in defining platform to govern Cyber Threats.
  • Organises cross-technology on-demand scanning of vulnerabilities, reporting and escalation.
  • Organises scanning of vulnerabilities in all IT assets.
  • Tests the hardening of IT systems and of security processes, Redteaming.
  • Hunt for IT security gaps (blind spots) in detection/protection layers of AF KL organization
  • Takes the lead for complex vulnerability assessment tasks and set direction and guide engineers
  • Role-models for engineers to learn all aspects regarding the most efficient cyber protection against threat actors, like approach, methodology, tools, technology and best practices
  • Supports the Business Owners of security agile teams in increasing the cyber security protection of IT products
  • The candidate is comfortable with complex IT environments in terms of stakeholders, IT characteristics, dependencies, innovation speed and is able to interact with more than 40 product teams, which are diverse in nature and set / keep excellent relationships

2.   Community of Practice

  • Organizes communities of practice which catalyse the spreading of cyber threat awareness,  

3.   Culture & Innovation

  • Fosters a culture where Zero Trust approaches, tooling and technologies are applied to prevent malicious acts , even internally ( malicious insider threat ) as it fits with the desired business impact
  • Embeds exploration, experimentation, research in a culture of continuous learning about cyber threats

Acts in such a manner as to contribute to the desired culture both within the IT and business.

4.    Right Technology for Cyber threat prevention

  • Contributes to choice of technology for products in line with the key cyber protection stakes.
  • Ensures that the right technologies are chosen to strike an optimal balance between achieving CISO goals, realizing functional and technical requirements and managing technical debt and costs. Contribute to improve detection capabilities of SOC and Businesses
  • Ensures that design of products is in accordance with up-to-date industry best practices on cyber threat hunting
  • Supports the Manager Cyber threat hunting in managing cyber defense lifecycle by working towards the decommissioning of inefficient protection systems to maintain a healthy cyber security architecture and technology stack in the IT landscape surrounding the business.
  • Secures compliance with regulations and laws on cyber threat hunting (eg. no hack back )
  • Proposes epics to create new cyber threat hunting service within product teams
  • Documents the as-is and future cyber threat hunting way of working.
  • Supports the Manager of Cyber threat hunting in identifying, implementing, and evaluating, new technologies for further development of the service and for simplification.
  • Supports the Business Owner on epic and feature prioritization and articulate impacts of trade-offs, with the focus on cyber protection enablers & hacking prevention
  • Provides advice to system/software engineers and product owners on best practices, trends, opportunities, pros and cons to prevent cyber attacks with operational, tactical or strategic decision making on organization and technology choices

5. Business-relevant Analysis and Consultation

  • Contributes to maintain situational awareness for cyber threats across the organization and drive the appropriate or commensurate response activities  where necessary
  • Understand and connects threats to the risks of the organization to provide appropriate capabilities and services
  • Conducts threat assessments to identify what threats are most likely to target this business,  and how they would execute their attacks
  • Provides consultative advice and coaching to cybersecurity customers to help them make informed risk management decisions
  • Applies different strategies to convince others to change their opinions or plans about cyber threats
  • Ensures that proposals or arguments are supported by strong logic and a compelling business case
  • Assists teams in various cyber threats mitigation
  • Innovates on reporting methods and deliver actionable intelligence to peers and leadership teams to increase awareness on cyber threats
  • Maintains coordination with IT disciplines to solves their vulnerabilities 
  • Maintains exchanges with international experts and business
  • Provides support to business and IT in understanding the incident threats encountered
  • Supports on situations where engineers cannot or do not fulfil their cyber security role appropriately in a context of high cyber threat


       6.    Management & Execution

  • Innovates on reporting methods and deliver actionable intelligence to peers and leadership teams to increase awareness on cyber threats
  • Maintains coordination with IT disciplines to solves their vulnerabilities 
  • Provides analysis reports and alerts, give lecture to better understand technical cyber threats.
  • Update knowledge bases
  • Maintains exchanges with international experts and business
  • Considers interest (ROI) to adopt security-managed services where profitable.
  • Conducts the handover of such activities with IT/OPS/DS/DEV and be able to manage contracts of several hundreds of k€ of yearly subscription, manage providers and guarantee SLA and results.




Where do you land?


The Security Solutions and IT Compliancy department (CISO) is the leadership function in terms of Cyber. It has an outside-in view on security technology and provides directions, advice, assistance, information, training and early warning about cyber security risks.

As a CISO/Cyber threat hunter you work in a team dedicated to Cyber threat hunting, with dutch and French colleagues. Your team defines and drives the execution of cyber security detection solutions to hunt cyber threats. You represent CISO to ensure that the security measures are executed.

The cyber threat hunting team has a basis of senior IT engineers that combines hands-on contributions in cyber, in new technologies, in high-end security toolings with potential financial impacts across multiple divisions, in IT product definitions in terms of stakeholders, in multilayered business stakes. They work in a spirit of Agile product teams.



Your profile


Master level, through STEM study or IT experience

±7 years in IT



We offer


  • A challenging role at an unique employer in the Netherlands
  • A gross salary between € 4.000,- and € 6.500,- per month
  • Plenty of room for personal development and wonderful career opportunities
  • A good pension scheme, end of the year bonus and 8 percent holiday pay
  • 25 days of paid holiday and 5 extra days off
  • Great discounts on airline tickets (if you have been in service for at least 6 months)
  • A travel expenses scheme and free use of the bus network around Schiphol
  • Discount of your health insurance
  • A personal budget for sustainable employability




Ready for your next destination?


Don’t wait any longer, send us your CV before the final boarding call on 22-05-2022! A motivation letter is no longer required; we will simply ask you a couple of questions during your online application. Within two weeks you will receive a message from us.





If you would like to know more about the position, please contact the hiring manager. Call or e-mail the recruiter for questions about the application process. In both cases, don't forget to mention the vacancy number: #8046.


Hiring manager






Details from this vacancy are not to be used for marketing purposes.