Job title: Threat Hunting & Incident Response
Job type: Permanent
Employment type: Full-time
Industry: IT Services and IT Consulting
Salary: Negotiable
Location: Lisboa/Porto
Job published: 25-09-2025
Job ID: 35150

Job Description

Job Brief

  • We are seeking a professional to focus on Threat Hunting, Threat Intelligence, and Advanced Incident Response to join the Cybersecurity team. You will play a key role in defining and executing the technological strategy, ensuring operational processes are robust, and contributing to a dedicated cybersecurity team. You will collaborate with SOC, Offensive Security, Risk Management, and other areas to protect the organization against advanced threats.

 

Responsibilities

  • Conduct proactive threat investigations using specialized tools and methodologies.

  • Collaborate with SOC, offensive security teams, and vulnerability management to contextualize incidents and anticipate/respond to attacks.

  • Develop and maintain hunting rules to enhance threat detection.

  • Participate in critical incident response, coordinating efforts with cybersecurity teams or other departments.

  • Perform forensic analysis of complex security incidents.

  • Prepare technical reports and communicate threats to both technical and non-technical stakeholders.

  • Stay informed on emerging cybersecurity threats and trends.

 

Requirements & Skills

  • Bachelor’s degree in a relevant field or equivalent experience.

  • Minimum of 5 years of experience in cybersecurity, preferably in similar roles.

  • Hands-on experience in Threat Hunting, Threat Intelligence, and Incident Response.

  • Familiarity with tools such as SIEM, EDR/XDR and frameworks like MITRE ATT&CK.

  • Strong analytical and methodological skills for solving complex security problems.

  • Proficiency in scripting (Python, PowerShell) and log analysis.

  • Linux system administration (Red Hat, CentOS, Ubuntu, or similar).

  • Knowledge of system updates, patch management, monitoring, and performance tuning.

  • Experience with automation and configuration management tools (e.g., Ansible).

  • Faircom DB implementation on ERP file systems.

  • Participation in cyber remediation work streams, including OS upgrades.

  • Fluent in English and Portuguese (minimum B2/C1).

 

Next steps:

  • Do you consider yourself the ideal candidate for this role? If so, take the next step and apply now. Our team will take care of the rest.