We are currently seeking a Senior Cybersecurity Engineer to join our internal cybersecurity team in Lisbon.
This role is ideal for a seasoned professional who thrives in dynamic environments, enjoys tackling complex security challenges, and is passionate about protecting digital assets.
Key Responsibilities
Serve as the technical escalation point for advanced cybersecurity incidents, performing in-depth analysis of logs and events to identify root causes and recommend mitigation strategies.
Conduct detailed Root Cause Analyses (RCA) of security events, evaluating origin, impact, and corrective measures.
Design, develop, and optimize detection rules in SIEM (e.g., Microsoft Sentinel) and EDR solutions, aligned with frameworks like MITRE ATT&CK.
Create and manage automated incident response playbooks, especially within Azure Sentinel, to streamline SOC operations.
Support the deployment and continuous monitoring of key security controls including IAM, EDR, DLP, and cloud-native security solutions (e.g., Azure Defender).
Provide technical leadership to SOC analysts, ensuring adherence to best practices and consistent execution of security tasks.
Drive continuous enhancement of the incident response lifecycle, identifying and implementing process improvements.
Conduct vulnerability assessments across client environments and coordinate with stakeholders on remediation activities.
Utilize advanced KQL queries to detect behavioral anomalies and uncover sophisticated threats within log data.
Actively participate in crisis management and incident containment, supporting the team during high-severity security events.
Deliver comprehensive technical reports on incidents, vulnerabilities, and root causes.
Develop methodologies to integrate new data sources and improve SOC visibility and detection capabilities.
Requirements
Bachelor's or postgraduate degree in Information Security, Cybersecurity, or a related field.
Minimum 4 years of experience in cybersecurity, including 2+ years in incident response or managing cybersecurity teams.
Proven experience with SIEM platforms (preferably Microsoft Sentinel; others like Splunk or QRadar are a plus).
Hands-on expertise with EDR tools (e.g., SentinelOne, CrowdStrike, Microsoft Defender for Endpoint).
Familiarity with vulnerability management tools (e.g., Tenable, Rapid7).
Experience in cloud security, particularly within Microsoft Azure environments.
Strong analytical and critical thinking skills, with attention to detail and accuracy in investigation and documentation.
Excellent communication skills, with the ability to translate technical details into business-relevant insights.
Fluency in English (both written and spoken) is required.
Demonstrated leadership capabilities and team coordination skills.
Preferred Qualifications
International work experience
Built at: 2025-06-23T08:33:51.902Z