Senior Security Engineer (Cybersecurity)

TL;DR

Senior Security Engineer (Cybersecurity): Lead the analysis and response to security incidents and breaches, performing root-cause analysis and post-incident reporting. Focus on advanced threat hunting, improving incident response policies, and collaborating with engineering and business teams.

Location: Hybrid in Porto, Portugal

Company

hirify.global is a leading global marketplace for the luxury fashion industry, connecting customers in over 190 countries with items from over 1,400 brands and boutiques.

What you will do

• Lead the analysis and response to security anomalies, intrusion attempts, and breaches.
• Conduct advanced threat hunting to identify undetected threats using data from endpoints, servers, cloud environments, and network traffic.
• Act as the senior escalation point for the SOC, providing expert analysis on complex security tickets.
• Continuously improve incident response policies, playbooks, and SOC operational processes.
• Analyze and mitigate web-based security events using CDN security solutions (e.g., Akamai, Cloudflare).
• Participate in an on-call rotation to respond to urgent security incidents or emerging threats.

Requirements

• 8+ years in Information Security, with at least 5+ years specifically dedicated to Cyber Security Incident Response (CSIRT) or Digital Forensics.
• Experienced in host-based investigations across Windows, Linux, and various network/security appliances.
• Hands-on experience analyzing security events within AWS, Azure or other major Cloud environments.
• Knowledgeable of analyzing events from EDR, HIPS, DLP, IPS/IDS, and SaaS solutions (e.g., Google Worksapce, O365, Email Security).
• Proficient in managing and analyzing logs from Web Security solutions like Akamai or Cloudflare.
• Able to automate response workflows and script in Python, Bash, or PowerShell.
• Graduate in Computer Science, Cybersecurity, or equivalent practical experience.
• Deep understanding of container security and orchestration (Kubernetes, Docker).
• Advanced knowledge of network traffic/packet analysis and network forensics.
• Relevant industry certifications such as GCIH, GCFA, GNFA, CISSP, or OSCP.

Culture & Benefits

• Health insurance for the whole family, flexible working environment and well-being support and tools.
• Extra days off, sabbatical program and days for you to give back for the community.
• Training opportunities and free access to Udemy.
• Flexible benefits program.