Cybersecurity Engineer
Lisbon, Portugal
Hey there, think you stumbled upon this job posting by chance? We don't believe in chance at Nimber.
Caught your eye? Great. Keep going...
We are Nimber, and we are not just filling positions, we are building a team that is ready to shake things up. If you are ready to rewrite the rules and make a real impact, this is your moment. Join us and let's put the future where it belongs. In the hands of passionate people.
But what does Nimber mean? In mathematics and game theory, nimbers are numbers with special properties of addition and multiplication. And what we really want is to add value to customers' projects.
Position: Cybersecurity Engineer
Location: Lisbon or Porto, Hybrid
Your responsibilities include:
- Act as the technical escalation point for complex incidents; directly analyze logs, events, and provide mitigation recommendations.
- Conduct root cause analysis (RCA), diagnosing the origin, impact, and corrective actions for security incidents.
- Develop and fine-tune advanced detection rules (e.g., using the MITRE ATT&CK framework) in SIEM and/or EDR tools.
- Implement and manage automation playbooks (e.g., Playbooks in Azure Sentinel) to accelerate and optimize incident response processes.
- Participate in the implementation and monitoring of security controls such as IAM, EDR, DLP, and specific cloud security protections (e.g., Azure Defender).
- Provide technical guidance for SOC task execution, ensuring implementation and technical alignment with the project.
- Drive continuous improvement and optimization of incident response processes within the SOC.
- Perform critical vulnerability assessments within the client perimeter and coordinate mitigation actions.
- Adopt an analytical approach to detect anomalies in logs and events, using complex queries in KQL (Microsoft Sentinel).
- Participate in crisis management processes, supporting the response during highly critical situations.
- Produce detailed technical reports on security incidents and vulnerabilities (RCA).
- Develop methodologies for data and log integration, increasing SOC visibility and effectiveness.
You must have:
- Bachelor's or postgraduate degree in Information Security or Cybersecurity.
- Minimum of 2 years in cybersecurity, with at least 2 of those years focused on cybersecurity incident management or team management.
- Fluency in English (written and spoken) is essential.
- Experience with SIEM tools, especially Microsoft Sentinel (or similar solutions like Splunk or QRadar).
- Experience with EDR tools (e.g., SentinelOne, CrowdStrike, Microsoft Defender).
- Experience with Vulnerability Management tools (e.g., Rapid7, Tenable).
- Experience in cloud security, particularly with Microsoft Azure (Azure Sentinel, Azure Defender, etc.).
- Leadership skills and experience managing small teams.
- Strong communication skills, with the ability to translate technical concepts.
- Attention to detail and accuracy in analysis and documentation processes.
- Critical thinking.
- Analytical mindset to identify complex patterns and correlate security events.
We value:
- International experience.
- Certifications: Security+, SC-200, SC-100, AZ-500.
This is our winning strategy, built on the core principles of impartiality, independence, and fairness at Nimber. The only thing missing is you!
Ready to join us and succeed?
If you're tired of feeling like just a number, send us your application and become a Nimber.
Perks/benefits: Team events