Security Operations Lead (SecOps)
Tasks
- Build ML-driven detection content
- Convert TTPs into new detections
- Create LLM-assisted triage workflows
- Define security operations center operating model
- Design SIEM architecture and detection architecture
- Develop SOAR playbooks
- Handle major incidents as incident commander
- Improve incident response playbooks and runbooks
- Lead SOC/CSIRT team technically
- Lead threat intelligence and threat hunting
- Measure SOC performance (MTTD, MTTR, coverage)
- Mentor detection and response engineers
- Own SIEM architecture and data normalization
- Run incident response lifecycle
- Run on-call and escalation models
- Run tabletop exercises for readiness
- Tune detection-as-code content
Perks/Benefits
- Dental insurance
- Discretionary vacation
- Equity shares
- Flexible working hours
- Health insurance
- Meal allowance
- Remote work allowance
- Snacks and beverages
- Vision insurance
- Work from home
Skills/Tech-stack
AWS | Adversary Emulation | Bash | CIS Controls | CSIRT | Call escalation | Cause analysis | Cloud Security | Detection engineering | Detection-as-code | Digital forensics | EDR | Elasticsearch | Go | Google Chronicle | Google Cloud | ISO 27001 | Identity Monitoring | Incident Response | MTTD | MTTR | MTTTD | Microsoft Sentinel | Mitre Attack | NIST SP | NIST SP 800 | NIST SP 800-61 | Network detection | On-Call | On-call escalation | Python | Query Optimization | Root Cause Analysis | Root cause | Runbook Development | SIEM | SOAR | SOC Operations | Security telemetry | Splunk | Threat Intelligence | Threat hunting | Threat modeling | XDR | “as-code”
Education
Roles
Incident Response Lead | Lead | Operations Lead | SOC Lead | Security | Security Operations Lead