Senior Cybersecurity Engineer

Descrição do trabalho

We are currently seeking a Senior Cybersecurity Engineer to join our internal cybersecurity team in Lisbon. This role is ideal for a seasoned professional who thrives in dynamic environments, enjoys tackling complex security challenges, and is passionate about protecting digital assets.

Key Responsibilities

- Serve as the technical escalation point for advanced cybersecurity incidents, performing
- depth analysis of logs and events to identify root causes and recommend mitigation strategies.
- Conduct detailed Root Cause Analyses (RCA) of security events, evaluating origin, impact, and corrective measures.
- Design, develop, and optimize detection rules in SIEM (e. G. , Microsoft Sentinel) and EDR solutions, aligned with frameworks like MITRE ATT&CK.
- Create and manage automated incident response playbooks, especially within Azure Sentinel, to streamline SOC operations.
- Support the deployment and continuous monitoring of key security controls including IAM, EDR, DLP, and cloud-native security solutions (e. G. , Azure Defender).
- Provide technical leadership to SOC analysts, ensuring adherence to best practices and consistent execution of security tasks.
- Drive continuous enhancement of the incident response lifecycle, identifying and implementing process improvements.
- Conduct vulnerability assessments across client environments and coordinate with stakeholders on remediation activities.
- Utilize advanced KQL queries to detect behavioral anomalies and uncover sophisticated threats within log data.
- Actively participate in crisis management and incident containment, supporting the team during
- severity security events.
- Deliver comprehensive technical reports on incidents, vulnerabilities, and root causes.
- Develop methodologies to integrate new data sources and improve SOC visibility and detection capabilities.

Requirements

- Bachelor's or postgraduate degree in Information Security, Cybersecurity, or a related field.
- Minimum 4 years of experience in cybersecurity, including 2+ years in incident response or managing cybersecurity teams.
- Proven experience with SIEM platforms (preferably Microsoft Sentinel;

others like Splunk or QRadar are a plus).
- Hands-on expertise with EDR tools (e. G. , Sentinel
One, Crowd
Strike, Microsoft Defender for Endpoint).
- Familiarity with vulnerability management tools (e. G. , Tenable, Rapid7).
- Experience in cloud security, particularly within Microsoft Azure environments.
- Strong analytical and critical thinking skills, with attention to detail and accuracy in investigation and documentation.
- Excellent communication skills, with the ability to translate technical details into
- relevant insights.
- Fluency in English (both written and spoken) is required.
- Demonstrated leadership capabilities and team coordination skills.

Preferred Qualifications

- International work experience.
- Relevant cybersecurity certifications, such as:

- Comp
TIA Security+
- SC-200 (Microsoft Security Operations Analyst)
- SC-100 (Microsoft Cybersecurity Architect)
- AZ-500 (Microsoft Azure Security Technologies)

#J-18808-Ljbffr