Threat Detection & Incident Handling

About the job Threat Detection & Incident Handling

Our client is an international tech consulting company with 25+ years of experience offering solutions that support companies' business and digital transformation.

(This position is hybrid in Lisbon or Porto)

Responsibilities:

  • Conduct proactive investigations of advanced threats using specialized tools and techniques.
  • Collaborate with SOC, offensive security, and vulnerability management teams to provide incident context and anticipate or respond to attacks.
  • Develop and maintain threat hunting rules to improve SOC detection capabilities.
  • Assist in critical incident response, coordinating with other cybersecurity or organizational teams.
  • Perform forensic analysis of complex incidents.
  • Structure and create technical reports, communicating identified threats to the team and organization.
  • Stay up to date with the latest security threats and trends.

Requirements:

  • Higher education in a relevant field or equivalent experience.
  • Minimum 5 years of experience in cybersecurity, preferably in similar roles.
  • Experience in Threat Hunting, Threat Intelligence, and Incident Response.
  • Knowledge of tools such as SIEM, EDR/XDR, and frameworks like MITRE ATT&CK.
  • Strong analytical skills and a methodical approach to solving complex problems.
  • Experience with scripting (Python, PowerShell) and log analysis.
  • Experience in Linux system administration (Red Hat, CentOS, Ubuntu, or similar).
  • Experience in the implementation of Faircom DB on the ERP file system.
  • Experience with cyber remediation work streams (including OS upgrades).
  • Strong communication skills, with the ability to engage both technical and non-technical audiences.
  • Good level of spoken English.

Valued Knowledge:

  • Certifications such as GCFA, GCTI, OSCP, or equivalent.
  • Experience in large-scale environments or telecommunications.
  • Knowledge of malware analysis and reverse engineering.
  • Deep low-level understanding of operating systems (Windows & UNIX).