IT SECURITY OPERATIONS SPECIALIST - PORTO, HYBRID

Noesis is looking for candidates with the following profile.
Main Tasks and Responsibilities.
Security Operations & Incident Response.
* Act as a Tier 3 escalation point for security incidents requiring advanced investigation and resolution; * Conduct deep-dive forensic analysis and threat-hunting activities to detect and mitigate sophisticated threats; * Support the SOC team and external Tier 1 & Tier 2 analysts by providing expertise on complex security incidents; * Enhance and refine incident response playbooks, ensuring effective collaboration across all security layers; * Align incident response efforts with cybersecurity frameworks such as MITRE ATT&CK, NIST CSF, and ISO .
Security Tools Administration.
* Administer and optimize security tools, including SIEM, EDR/XDR (Microsoft Defender), firewalls, vulnerability management, email and identity security solutions; * Ensure seamless integration of security tools with IT and cloud environments for continuous monitoring and threat detection; * Maintain security policies, configurations, and automation rules to improve operational efficiency and reduce false positives; * Manage log sources, data ingestion pipelines, and correlation rules within SIEM to enhance security visibility; Threat Intelligence & Vulnerability Management.
* Analyze threat intelligence feeds and proactively adjust defenses based on evolving attack techniques; * Coordinate vulnerability assessments, collaborate with IT teams, and track remediation efforts to mitigate risks; * Perform proactive threat-hunting activities to identify potential security gaps before they are exploited; * Ensure compliance with patch management policies and security best practices.
Collaboration & Awareness.
* Work closely with IT infrastructure, cloud, and development teams to align security operations with business objectives; * Collaborate with the cybersecurity awareness program, focusing on training IT staff involved in security operations; * Support audits and compliance efforts by providing necessary security operations data and insights; * Engage with external SOC partners, MSSPs, and threat intelligence providers to enhance security capabilities.
Innovation & Continuous Improvement.
* Stay current on cybersecurity threats, trends, and best practices to continuously improve security operations; * Identify opportunities for security automation (SOAR) and orchestration to improve incident response efficiency; * Collaborate on proof-of-concept initiatives for new security tools and methodologies; * Contribute to security policies, standards, and procedures to strengthen security operations.
Requirements.
* Education.
Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field; * Experience.
3+ years of experience in security operations, incident response, or security administration; * Language.
Fluent Portuguese & English.
Technical Skills.
* Hands-on experience with SIEM, EDR/XDR, firewalls, and security automation tools.
* Deep knowledge of Microsoft Security solutions.
* Proficiency in threat intelligence, forensic analysis, and malware analysis.
* Strong understanding of network security, log analysis, and cloud security.
* Experience with vulnerability management solutions.
* Scripting knowledge (PowerShell, Python) for security automation is a plus.
* Certifications.
CISSP, GCIA, GCIH, Microsoft Certified.
Security Operations Analyst, or equivalent.
* Travel.
Possible, mainly in Europe.
If you meet these conditions and would like to join an innovative organization that continuously invests in training its talents, send us your application.
Join us.
Let's innovate together! All our recruitment and selection processes are based on equal opportunities, valuing the competence and potential of each person and ensuring that no candidate is discriminated on the grounds of gender, ethnicity, sexual orientation, age, religion or physical condition.