Security Operations Analyst

Imagine working in a role where your decisions help protect hospitals, bridges, energy networks, and critical infrastructure. At BAM, that’s exactly what you do.

As a Senior Security Analyst, you safeguard the digital heartbeat of the Netherlands. When a cyberattack threatens our operations, you’re the one ensuring that construction can continue, water keeps flowing, and essential services stay secure. This isn’t just cybersecurity, it’s national resilience in action.

Your day starts with a coffee and a look at the overnight alerts from Microsoft Sentinel. You scan dashboards, identify anomalies, and jump into a live investigation, a strange PowerShell process on a server linked to a key infrastructure project.

You lead the containment and coordinate the response, working closely with engineers and your external forensics partner to verify the root cause. By lunch, you’ve updated the detection logic to prevent a recurrence and briefed the team on lessons learned.

In the afternoon, you and your team review yesterday’s hunting results, tweak auto-alerts, and brainstorm new use cases. You mentor fellow analysts on KQL query design, discuss improvements with IT, and wrap up the day knowing that what you’ve built directly strengthens the resilience of a nation.

That’s what defending critical infrastructure looks like at BAM.

In this role you will:

• Detect, analyse, and respond to complex security incidents using Microsoft Sentinel and Defender XDR,
• Lead incident response efforts from triage and containment to post-incident review,
• Conduct threat hunting and develop detection logic aligned with MITRE ATT&CK,
• Develop and maintain SOC content, including correlation rules, detection logic, and advanced analytics use cases,
• Perform malware analysis and conduct reverse engineering to uncover threat behaviors, TTPs, and infrastructure,
• Support forensics and vulnerability management with internal and external partners,
• Expand security telemetry and visibility across hybrid environments,
• Mentor analysts at all levels and drive maturity in processes and tools.
• Your expertise ensures that BAM’s digital ecosystem, the backbone of everything we build, stays protected and operational.

You’ll join a young, close-knit SOC team reporting into BAM’s central IT & Security organisation.

The team combines curiosity with discipline: monitoring, investigating, and continuously improving. The atmosphere is informal and collaborative, everyone is eager to share knowledge, challenge ideas, and keep learning. You’ll work hybrid, mainly from Bunnik, with flexibility to work remotely and visit projects across the Netherlands when needed.

At BAM, we invest in people. You’ll join an open, inclusive, and ambitious culture where learning and purpose go hand in hand.

• A competitive salary between €5,580 and €6,975 gross per month, based on experience and a 40-hour workweek, plus 8% holiday allowance,
• Excellent secondary benefits under the Bouw & Infra collective labour agreement, including a sustainable employability budget (2.18%), 25 vacation days, 15 roster-free days, and 3 short-leave days per year,
• Travel allowance, laptop, and iPhone,
• Opportunities to grow through our in-house platform BAM Learning and external certifications,
• Extra perks such as 40% discount on your gym membership, and discounts on private insurance and Microsoft Office.

At BAM, your development matters as much as your expertise.

• A Bachelor’s or Master’s degree in a relevant field such as Cyber Security, Computer Science, Information Security, or IT Management,
• 5+ years of experience in Security Operations, Incident Response, or Threat Detection (Tier 3 level),
• Hands-on experience with Microsoft Sentinel and the Defender XDR stack (Endpoint, Identity, Cloud Apps),
• Skilled in KQL and detection engineering,
• Experience with scripting and automation (e.g., Python, PowerShell, or KQL),
• Familiar with MITRE ATT&CK, vulnerability management, and IR best practices,
• Strong understanding of Windows, Azure, and network security,
• Fluent in Dutch (B2 or higher) and English,
• A curious, analytical mindset, calm under pressure, collaborative in action.

BAM Nederland B.V. is part of Royal BAM Group nv, a leading European construction and engineering company active in Building and Property, Infrastructure, and Public–Private Partnerships.

Sustainability and innovation are at the core of what we do, from design and construction to facility management. Our goal is to be the digital leader in our industry, delivering the highest standards of safety, quality, and resilience.

Interested? Click ‘Apply’ and share your details. Our recruiter Mark Hendriks would love to meet you. Questions? Call or send a WhatsApp message to +31 6 57 433 444 and you’ll receive a quick reply.

Providing a Certificate of Good Conduct (VOG) is part of the recruitment process.