Senior Security Engineer (SecOps)

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Security Engineer (SecOps) based in Portugal.

This is an exciting opportunity for an experienced cybersecurity professional to take ownership of Security Operations within a fast-growing, technology-driven environment. In this role, you will design, implement, and optimize security monitoring, incident response, and detection capabilities across modern cloud and infrastructure ecosystems. Working closely with engineering, platform, IT, compliance, and leadership teams, you will help strengthen organizational resilience through proactive threat detection, automated response workflows, and robust security controls. The position offers significant autonomy and the chance to build scalable SecOps processes from the ground up while working with advanced cloud technologies, security tooling, and distributed systems. Ideal for someone who combines strong technical expertise with strategic thinking, this role provides meaningful impact on the overall security posture of a rapidly evolving organization.

• Design and establish a centralized Security Operations model, including process ownership, escalation paths, service-level expectations, incident workflows, reporting frameworks, and post-incident review practices.
• Build and maintain SIEM and log management capabilities, ensuring centralized log collection, normalization, retention policies, access controls, monitoring coverage, and audit readiness.
• Develop, implement, and continuously improve detection rules and alerting mechanisms across authentication systems, IAM platforms, cloud infrastructure, Kubernetes environments, CI/CD pipelines, databases, applications, and endpoints.
• Lead incident response activities, including investigation, containment, eradication, recovery, evidence collection, root cause analysis, and continuous improvement initiatives.
• Automate operational security processes such as alert enrichment, ticket creation, incident notifications, account containment, endpoint isolation, and response orchestration.
• Collaborate with IT and infrastructure teams to strengthen endpoint security through device management, encryption, patching, firewall controls, compliance monitoring, and endpoint protection technologies.
• Partner with engineering, platform, compliance, legal, and management teams to support logging strategies, vulnerability management, policy development, audit preparation, and security governance initiatives.
• Contribute to the ongoing enhancement of security monitoring capabilities, operational efficiency, and organizational cyber resilience.

Requirements

• 5+ years of hands-on experience in Security Operations, Security Engineering, or a related cybersecurity role, with a focus on building or improving SecOps processes in production environments.
• Strong experience implementing, managing, or optimizing SIEM and log management platforms, including log collection, parsing, normalization, correlation, alerting, dashboard creation, and retention management.
• Practical experience working with cloud and infrastructure security logs, including cloud audit trails, security monitoring services, network flow logs, authentication events, and application activity logs.
• Demonstrated expertise in designing detection rules, correlation logic, and alerting strategies based on real-world threat scenarios and attack techniques.
• Strong understanding of security monitoring frameworks, adversary tactics, detection engineering principles, and incident response lifecycles.
• Experience with endpoint security technologies such as EDR, XDR, antivirus solutions, mobile device management, endpoint compliance controls, and device hardening practices.
• Solid knowledge of identity and access management, authentication systems, network security concepts, and common attacker behaviors.
• Proficiency in scripting or automation using Python, Bash, Go, or similar languages for integrations, alert enrichment, reporting, and incident response workflows.
• Ability to work independently, drive initiatives from concept to implementation, prioritize effectively, and communicate complex security topics to both technical and non-technical stakeholders.
• Strong analytical, troubleshooting, and problem-solving skills with a proactive and ownership-driven mindset.
• Experience in regulated industries, security automation platforms, digital forensics, Zero Trust architectures, compliance frameworks, or cloud security environments is considered an advantage.

Benefits

• Fully remote work environment with flexibility to work from a location that suits your needs.
• Opportunity to build and shape security operations processes with a high degree of ownership and autonomy.
• Exposure to modern cloud-native technologies, scalable infrastructure, and advanced cybersecurity challenges.
• Career development opportunities through structured performance reviews, mentorship programs, and professional growth initiatives.
• Dedicated learning budget for courses, certifications, workshops, and continuous education.
• Access to corporate language learning programs and knowledge-sharing resources.
• Comprehensive health insurance coverage and additional well-being support programs.
• Monthly flexible benefits allowance that can be used for hobbies, sports, wellness, or personal interests.
• Paid annual leave, public holidays, and sick leave to support a healthy work-life balance.
• Participation in team events, workshops, networking opportunities, and company gatherings.
• Collaborative, transparent, and innovation-driven culture that encourages initiative, continuous improvement, and professional growth.

---