Devoteam Cyber Trust | Cyber Security Engineer

Company Description

Devoteam Cyber Trust is the Cybersecurity specialist arm of the Devoteam Group. With our 800+ experts located across EMEA, we aim to establish cybersecurity as an enabler of business success rather than a gatekeeper. We leverage an end-to-end approach to Cyber Resilience, Applied Security, and Managed Security services to secure the tech journey of large and medium-sized companies from all sectors and industries.

Since 2009, previously known as INTEGRITY, our team based in Portugal is specialised in providing cutting-edge Managed Security Services that combine its expertise and proprietary technology to consistently and effectively reduce the cyber risk of our clients.

The comprehensive service range includes Persistent Intrusion Testing, ISO 27001, PCI-DSS, GRC Consulting and Solutions, and Third-Party Risk Management. ISO 27001 (Information Security) and ISO 9001 (Quality) certified, PCI-QSA, and member of CREST and CIS - Centre for Internet Security, we provide services to a considerable number of clients, operating in more than 20 countries.

Job Description

We are seeking an experienced and motivated Cybersecurity Engineer to join our Cybersecurity  Engineering team.
The role will be pivotal in delivering a wide array of cybersecurity products and services to multiple clients
spanning multiple industry sectors. The role will manage and execute projects and services that include technical assessments, cybersecurity audits, the provision of expert guidance and support for implementing robust cybersecurity controls, and risk and incident management and monitoring.

• Deliver a diverse portfolio of cybersecurity projects and services to multiple clients across various industry sectors.

• Conduct comprehensive technical cybersecurity audits, assessments, and vulnerability analyses.

• Develop and align clients' cybersecurity posture with relevant industry standards, regulations, and best practices.

• Provide technical guidance, advisory services, and hands-on support for the design, implementation, and optimization of cybersecurity solutions and controls.

• Support the identification, assessment, and treatment of cybersecurity risks, including the development and application of appropriate management frameworks.

• Assist in the development, refinement, and testing of incident response frameworks, plans, and capabilities.

• Provide support during cybersecurity incidents, including investigation, containment, eradication, and recovery activities.

• Assist with the deployment, configuration, and tuning of cybersecurity monitoring solutions, and analyse cybersecurity events and alerts.

• Develop clear and actionable reports detailing findings, identified risks, and practical recommendations for remediation.

• Develop and contribute to information security and cybersecurity awareness initiatives, including the creation of training materials and delivery of awareness sessions.

Qualifications

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• Proven experience as a Cybersecurity Engineer or similar role.
• Experience in conducting and delivering technical cybersecurity audits, assessments, and vulnerability analyses.
• Experience with information security and cybersecurity standards and frameworks, particularly ISO 27001/27701, NIST, COBIT, CIS, and SOC 2.
• Ability and hands-on experience in designing, implementing, and optimising a broad range of cybersecurity solutions and controls, coupled with providing expert technical guidance and advisory services.
• Proficiency in securing, managing, and hardening Linux and Windows operating systems.
• Comprehensive knowledge of secure architectures for on-premises and cloud infrastructures, covering platforms, networks, services, integrations, and associated cybersecurity controls.
• Solid understanding of virtualisation technologies and their secure configuration.
• Knowledge of Identity and Access Management (IAM) principles, best practices, and common solutions.
• Experience in supporting cybersecurity risk management processes, including risk identification, assessment, and treatment, and familiarity with relevant standards and frameworks.
• Practical experience in the cybersecurity incident response lifecycle, including contributing to the development and testing of incident response plans, and providing hands-on support during cybersecurity incidents.
• Hands-on experience in supporting the deployment, configuration, and tuning of cybersecurity monitoring solutions such as SIEMs, IDS/IPS, and EDRs, coupled with the ability to analyse cybersecurity events and alerts to identify potential incidents.
• Proven ability to develop clear, concise, and actionable reports detailing technical findings, identified cybersecurity risks, and practical remediation recommendations for diverse audiences.
• Excellent awareness of current cybersecurity trends, common attack vectors, evolving threat landscapes, and a broad range of cybersecurity solutions.
• Experience in creating and delivering engaging information security and cybersecurity awareness training and materials tailored for various organisations and roles.
• Ability to manage multiple client expectations effectively, communicate complex technical information clearly to both technical and non-technical audiences, and deliver projects successfully.
• Great organisational, analytical, and problem-solving skills.
• Strong sense of ethics, integrity, and responsibility.
• Great communication and teamwork skills.
• Fluency in Portuguese and high proficiency in English.

Nice to have:

• Relevant industry certifications such as CISSP, CISM, CISA, CompTIA Security+, CEH, ISO 27001 Lead
• Implementer/Auditor, or specific vendor cybersecurity certifications, are highly valued.
• Experience with a variety of cybersecurity technologies and tools, including advanced firewalls, IDS/IPS, and SIEM solutions, EDR/XDR platforms, Data Loss Prevention (DLP) tools, Web Application Firewalls (WAF), and cloud-native cybersecurity services (AWS, Azure, GCP) is
• highly valued.
• Proficiency in scripting languages (e.g., Bash, Python, PowerShell) for cybersecurity automation, tool
• Integration, or data analysis, is highly valued.
• Participation in cybersecurity communities, forums, or professional networks.

Additional Information

The Devoteam Group works for equal opportunities, promoting its employees based on merit and actively fights against all forms of discrimination. We are convinced that diversity contributes to the creativity, dynamism and excellence of our organization. All of our vacancies are open to people with disabilities.

Join us in our mission to safeguard our clients' digital landscapes and empower them with comprehensive
cybersecurity expertise and solutions.

Apply now to be part of our dynamic Cybersecurity Engineering team!