Devoteam Cyber Trust | Senior Cyber Security Engineer | Retail & E-commerce Sector

Company Description

Devoteam Cyber Trust is the Cybersecurity specialist arm of the Devoteam Group. With our 800+ experts located across EMEA, we aim to establish cybersecurity as an enabler of business success rather than a gatekeeper. We leverage an end-to-end approach to Cyber Resilience, Applied Security, and Managed Security services to secure the tech journey of large and medium-sized companies from all sectors and industries.

Since 2009, previously known as INTEGRITY, our team based in Portugal is specialised in providing cutting-edge Managed Security Services that combine its expertise and proprietary technology to consistently and effectively reduce the cyber risk of our clients.

The comprehensive service range includes Persistent Intrusion Testing, ISO 27001, PCI-DSS, GRC Consulting and Solutions, and Third-Party Risk Management. ISO 27001 (Information Security) and ISO 9001 (Quality) certified, PCI-QSA, and member of CREST and CIS - Centre for Internet Security, we provide services to a considerable number of clients, operating in more than 20 countries.

Job Description

We are seeking an experienced and motivated Cybersecurity Engineer to join our Cybersecurity 
Engineering team.
 

This pivotal role involves designing, implementing, managing, and maturing a comprehensive cybersecurity
posture and architecture. The role will oversee and execute technical cybersecurity audits and assessments, providing expert guidance and support the implementation of robust cybersecurity controls, risk and incident management governance and monitoring.

• Act as a primary cybersecurity point of contact and trusted advisor on cybersecurity matters.
• Lead the strategic design, implementation, and ongoing evolution of a comprehensive cybersecurity architecture.
• Conduct comprehensive technical cybersecurity audits, assessments, and vulnerability analyses within designated environments.
• Develop and align a cybersecurity posture with relevant industry standards, regulations, and best practices.
• Design, implement, and optimise cybersecurity solutions and controls, providing expert guidance.
• Lead and support cybersecurity risk management processes.
• Develop and test incident response plans, providing hands-on support during incidents.
• Support the deployment, configuration, and tuning of cybersecurity monitoring solutions and analyse cybersecurity events and alerts.
• Collaborate closely with IT and business units to ensure cybersecurity requirements are integrated into projects and operations.
• Create clear reports on findings, risks, and remediation recommendations tailored to specific contexts and relevant stakeholders.
• Develop and deliver cybersecurity awareness training.

Qualifications

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• Proven experience as a Cybersecurity Architect, Senior Cybersecurity Engineer, or similar role with significant design and strategic responsibilities.
• Hands-on experience with:
  • Cybersecurity architecture design and documentation.
  • Cybersecurity audits, assessments, and vulnerability analysis.
  • Designing, implementing, and optimising security solutions.
  • Securing Linux and Windows OS.
  • Secure on-premise and cloud architectures (networks, services, controls).
  • Secure virtualisation technologies.
  • IAM principles and solutions.
  • Risk management lifecycle
  • Incident response lifecycle.
• Knowledge of security standards/frameworks (ISO 27001/27701, NIST, CIS, SOC 2).
• Proven ability to manage complex projects and stakeholder expectations, fostering strong professional relationships.
• Proven ability to develop clear, concise, and actionable reports.
• Awareness of current cybersecurity trends, threats, and solutions.
• Experience in creating and delivering engaging cybersecurity awareness training and materials.
• Great organisational, analytical, and problem-solving skills.
• Strong sense of ethics, integrity, and responsibility.
• Great communication and teamwork skills.
• Fluency in Portuguese and high proficiency in English.

Nice to Have:

• Relevant industry certifications such as CISSP, CISM, CISA, CompTIA Security+, CEH, ISO 27001 Lead
• Implementer/Auditor, or specific vendor cybersecurity certifications are highly valued.
• Experience with a variety of cybersecurity technologies and tools, including advanced firewalls, Web
• Application Firewalls (WAF), IDS/IPS, EDR/XDR platforms, Data Loss Prevention (DLP) tools, SIEM solutions, and cloud-native cybersecurity services (AWS, Azure, GCP) is highly valued.
• Understanding of AI/ML principles, including their applications and cybersecurity implications.
• Proficiency in scripting languages (e.g., Bash, Python, PowerShell) for cybersecurity automation, tool integration, or data analysis is highly valued.
• Participation in cybersecurity communities, forums, or professional networks.

Additional Information

The Devoteam Group works for equal opportunities, promoting its employees based on merit and actively fights against all forms of discrimination. We are convinced that diversity contributes to the creativity, dynamism and excellence of our organization. All of our vacancies are open to people with disabilities.

Join us in our mission to safeguard our clients' digital landscapes and empower them with comprehensive
cybersecurity expertise and solutions.

Apply now to be part of our dynamic Cybersecurity Engineering team!