Empresa:

Taleo Consulting

Descrição da Função

We are currently seeking a Senior Cybersecurity Engineer to join our internal cybersecurity team in Lisbon. This role is ideal for a seasoned professional who thrives in dynamic environments, enjoys tackling complex security challenges, and is passionate about protecting digital assets.

Key Responsibilities

• Serve as the technical escalation point for advanced cybersecurity incidents, performing in-depth analysis of logs and events to identify root causes and recommend mitigation strategies.
• Conduct detailed Root Cause Analyses (RCA) of security events, evaluating origin, impact, and corrective measures.
• Design, develop, and optimize detection rules in SIEM (e.g., Microsoft Sentinel) and EDR solutions, aligned with frameworks like MITRE ATT&CK.
• Create and manage automated incident response playbooks, especially within Azure Sentinel, to streamline SOC operations.
• Support the deployment and continuous monitoring of key security controls including IAM, EDR, DLP, and cloud-native security solutions (e.g., Azure Defender).
• Provide technical leadership to SOC analysts, ensuring adherence to best practices and consistent execution of security tasks.
• Drive continuous enhancement of the incident response lifecycle, identifying and implementing process improvements.
• Conduct vulnerability assessments across client environments and coordinate with stakeholders on remediation activities.
• Utilize advanced KQL queries to detect behavioral anomalies and uncover sophisticated threats within log data.
• Actively participate in crisis management and incident containment, supporting the team during high-severity security events.
• Deliver comprehensive technical reports on incidents, vulnerabilities, and root causes.
• Develop methodologies to integrate new data sources and improve SOC visibility and detection capabilities.

Requirements

• Bachelor's or postgraduate degree in Information Security, Cybersecurity, or a related field.
• Minimum 4 years of experience in cybersecurity, including 2+ years in incident response or managing cybersecurity teams.
• Proven experience with SIEM platforms (preferably Microsoft Sentinel; others like Splunk or QRadar are a plus).
• Hands-on expertise with EDR tools (e.g., SentinelOne, CrowdStrike, Microsoft Defender for Endpoint).
• Familiarity with vulnerability management tools (e.g., Tenable, Rapid7).
• Experience in cloud security, particularly within Microsoft Azure environments.
• Strong analytical and critical thinking skills, with attention to detail and accuracy in investigation and documentation.
• Excellent communication skills, with the ability to translate technical details into business-relevant insights.
• Fluency in English (both written and spoken) is required.
• Demonstrated leadership capabilities and team coordination skills.

Preferred Qualifications

• International work experience.
• Relevant cybersecurity certifications, such as:
• CompTIA Security+
• SC-200 (Microsoft Security Operations Analyst)
• SC-100 (Microsoft Cybersecurity Architect)
• AZ-500 (Microsoft Azure Security Technologies)

Observações

Lisboa (Portugal)