We are currently seeking a Senior Cybersecurity Engineer to join our internal cybersecurity team in Lisbon. This role is ideal for a seasoned professional who thrives in dynamic environments, enjoys tackling complex security challenges, and is passionate about protecting digital assets.
Key Responsibilities
* Serve as the technical escalation point for advanced cybersecurity incidents, performing in-depth analysis of logs and events to identify root causes and recommend mitigation strategies.
* Conduct detailed Root Cause Analyses (RCA) of security events, evaluating origin, impact, and corrective measures.
* Design, develop, and optimize detection rules in SIEM (e.g., Microsoft Sentinel) and EDR solutions, aligned with frameworks like MITRE ATT&CK.
* Create and manage automated incident response playbooks, especially within Azure Sentinel, to streamline SOC operations.
* Support the deployment and continuous monitoring of key security controls including IAM, EDR, DLP, and cloud-native security solutions (e.g., Azure Defender).
* Provide technical leadership to SOC analysts, ensuring adherence to best practices and consistent execution of security tasks.
* Drive continuous enhancement of the incident response lifecycle, identifying and implementing process improvements.
* Conduct vulnerability assessments across client environments and coordinate with stakeholders on remediation activities.
* Utilize advanced KQL queries to detect behavioral anomalies and uncover sophisticated threats within log data.
* Actively participate in crisis management and incident containment, supporting the team during high-severity security events.
* Deliver comprehensive technical reports on incidents, vulnerabilities, and root causes.
* Develop methodologies to integrate new data sources and improve SOC visibility and detection capabilities.
Requirements
* Bachelor's or postgraduate degree in Information Security, Cybersecurity, or a related field.
* Minimum 4 years of experience in cybersecurity, including 2+ years in incident response or managing cybersecurity teams.
* Proven experience with SIEM platforms (preferably Microsoft Sentinel; others like Splunk or QRadar are a plus).
* Hands-on expertise with EDR tools (e.g., SentinelOne, CrowdStrike, Microsoft Defender for Endpoint).
* Familiarity with vulnerability management tools (e.g., Tenable, Rapid7).
* Experience in cloud security, particularly within Microsoft Azure environments.
* Strong analytical and critical thinking skills, with attention to detail and accuracy in investigation and documentation.
* Excellent communication skills, with the ability to translate technical details into business-relevant insights.
* Fluency in English (both written and spoken) is required.
* Demonstrated leadership capabilities and team coordination skills.
Preferred Qualifications
* International work experience.
* Relevant cybersecurity certifications, such as:
* CompTIA Security+
* SC-200 (Microsoft Security Operations Analyst)
* SC-100 (Microsoft Cybersecurity Architect)
* AZ-500 (Microsoft Azure Security Technologies)