Cybersecurity Professional - Incident Response Specialist

Job description

We are seeking a seasoned cybersecurity professional to join our team in Lisbon, Portugal. This role is ideal for individuals who thrive in dynamic environments and enjoy tackling complex security challenges.

Key Responsibilities

  • Serve as the technical escalation point for advanced cybersecurity incidents, performing in-depth analysis of logs and events to identify root causes and recommend mitigation strategies.
  • Conduct detailed Root Cause Analyses (RCA) of security events, evaluating origin, impact, and corrective measures.
  • Design, develop, and optimize detection rules in SIEM systems aligned with frameworks like MITRE ATT&CK.
  • Create and manage automated incident response playbooks to streamline SOC operations.
  • Support the deployment and continuous monitoring of key security controls including IAM, EDR, DLP, and cloud-native security solutions.
  • Provide technical leadership to SOC analysts, ensuring adherence to best practices and consistent execution of security tasks.
  • Drive continuous enhancement of the incident response lifecycle, identifying and implementing process improvements.
  • Conduct vulnerability assessments across client environments and coordinate with stakeholders on remediation activities.
  • Utilize advanced KQL queries to detect behavioral anomalies and uncover sophisticated threats within log data.
  • Actively participate in crisis management and incident containment, supporting the team during high-severity security events.
  • Deliver comprehensive technical reports on incidents, vulnerabilities, and root causes.

Requirements

  • Bachelor's or postgraduate degree in Information Security, Cybersecurity, or a related field.
  • Minimum 4 years of experience in cybersecurity, including 2+ years in incident response or managing cybersecurity teams.
  • Proven experience with SIEM platforms (preferably Microsoft Sentinel).
  • Hands-on expertise with EDR tools.
  • Familiarity with vulnerability management tools.
  • Experience in cloud security, particularly within Azure environments.
  • Strong analytical and critical thinking skills, with attention to detail and accuracy in investigation and documentation.
  • Excellent communication skills, with the ability to translate technical details into business-relevant insights.
  • Demonstrated leadership capabilities and team coordination skills.

Preferred Qualifications

  • International work experience.
  • Relevant cybersecurity certifications, such as:
      • CompTIA Security+
      • SC-200 (Microsoft Security Operations Analyst)
      • SC-100 (Microsoft Cybersecurity Architect)
      • AZ-500 (Microsoft Azure Security Technologies)