Senior Security Engineer, Security Incident Response Team (SIRT)
Jobgether · Portugal
Internet Marketplace Platforms · 11-50 employees
About the role
Lead end-to-end response activities for high-severity security incidents and investigate complex cybersecurity events. Collaborate with cross-functional teams to improve detection strategies and enhance automation initiatives.
What they look for
Requirements
Significant experience in security incident response and digital forensics within cloud environments is required. Candidates should have hands-on expertise with AWS or Google Cloud Platform and strong analytical skills.
Benefits
Full description
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Security Engineer, Security Incident Response Team (SIRT) based in Portugal.
This is an exciting opportunity to join a globally distributed cybersecurity team responsible for protecting large-scale cloud environments and critical platforms against evolving threats. In this role, you will lead high-impact incident response activities, investigate sophisticated security events, and help shape modern detection and response capabilities through automation and AI-driven approaches. You will work closely with cross-functional teams across engineering, infrastructure, and threat intelligence to continuously strengthen security posture and operational resilience. The position offers a fast-paced and collaborative environment where technical expertise, strategic thinking, and innovation play a key role in driving security excellence at scale.
\n
Accountabilities:
- Lead end-to-end response activities for high-severity security incidents, from detection and triage through containment, eradication, and recovery.
- Investigate complex cybersecurity events across cloud environments using advanced Digital Forensics and Incident Response (DFIR) methodologies.
- Coordinate incident communications and provide clear updates to technical and executive stakeholders during critical events.
- Design and improve detection strategies, including SIEM use cases, telemetry pipelines, and alerting mechanisms in collaboration with engineering teams.
- Develop and enhance automation initiatives and AI-assisted workflows to accelerate investigations and improve response consistency.
- Partner with threat intelligence teams to contextualize emerging threats and strengthen detection coverage.
- Conduct root cause analyses and lead post-incident reviews to identify improvements and reduce future risks.
- Create and maintain operational documentation, including runbooks, playbooks, and incident response procedures.
- Collaborate with cross-functional stakeholders on proactive security initiatives, tabletop exercises, and resilience programs.
- Mentor team members and contribute to the continuous maturity and scalability of incident response operations.
Requirements:
- Significant experience in security incident response, digital forensics, and investigations within cloud-first environments.
- Hands-on expertise with AWS and/or Google Cloud Platform security operations and incident handling.
- Strong experience with SIEM platforms, EDR solutions, and detection engineering practices.
- Solid understanding of threat intelligence frameworks and adversary techniques, including familiarity with MITRE ATT&CK.
- Experience developing automation solutions using scripting languages such as Python or leveraging SOAR platforms.
- Interest or practical experience in applying AI, machine learning, or data-driven methodologies to security operations.
- Strong analytical and problem-solving skills, with the ability to perform effectively during high-pressure incidents.
- Experience using Git-based platforms within engineering or security environments.
- Excellent written and verbal communication skills, with the ability to produce clear documentation and executive-level updates.
- Demonstrated growth mindset, proactive approach to risk reduction, and commitment to continuous improvement.
- Ability to participate in a rotating on-call schedule supporting a global, 24/7 incident response function.
Benefits:
- Fully remote work environment with opportunities to collaborate across globally distributed teams.
- Flexible paid time off policy promoting work-life balance and personal wellbeing.
- Comprehensive health and wellness benefits designed to support employees and their families.
- Equity compensation and employee stock purchase opportunities.
- Dedicated growth and development budget for training, certifications, conferences, and continuous learning.
- Generous parental leave and family support programs.
- Inclusive employee resource groups and initiatives that foster belonging and collaboration.
- Opportunity to work on cutting-edge security challenges at scale while leveraging modern technologies, automation, and AI.
- Strong culture focused on innovation, knowledge sharing, transparency, and continuous career growth.
\nHow Jobgether works:
We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.
We appreciate your interest and wish you the best!
Why Apply Through Jobgether?
Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
#LI-CL1