Threat Detection & Incident Handling

Our client is an international tech consulting company with 25 years of experience offering solutions to support companies businesses and digital transformation.

(This position is hybrid in Lisbon or Porto)

Responsibilities:

• Conduct proactive investigations of advanced threats using specialized tools and techniques.
• Collaborate with SOC offensive security and vulnerability management teams to provide incident context and anticipate or respond to attacks.
• Develop and maintain threat hunting rules to improve SOC detection capabilities.
• Assist in critical incident response coordinating with other cybersecurity or organizational teams.
• Perform forensic analysis of complex incidents.
• Structure and create technical reports communicating identified threats to the team and organization.
• Stay up to date with the latest security threats and trends.

Requirements:

• Higher education in a relevant field or equivalent experience.
• Minimum 5 years of experience in cybersecurity preferably in similar roles.
• Experience in Threat Hunting Threat Intelligence and Incident Response.
• Knowledge of tools such as SIEM EDR/XDR and frameworks like MITRE ATT&CK.
• Strong analytical skills and a methodical approach to solving complex problems.
• Experience with scripting (Python PowerShell) and log analysis.
• Experience in Linux system administration (Red Hat CentOS Ubuntu or similar).
• Experience in the Implementation of Faircom DB on the ERP file system.
• Experience with Cyber remediation work stream (including O/S upgrade).
• Strong communication skills with the ability to engage both technical and non-technical audiences.
• Good English level (speaking).

Valued Knowledge:

• Certifications such as GCFA GCTI OSCP or equivalent.
• Experience in large-scale environments or telecommunications.
• Knowledge of malware analysis and reverse engineering.
• Deep understanding of low-level operating systems (Windows & UNIX).