Company hidden
7 days ago

Security Operations Lead (SecOps) (AI)

50 400 - 79 200
Work format
remote (Portugal only)
Employment type
fulltime
Grade
lead
English
b2
Country
Portugal

Job description

TL;DR

Security Operations Lead (SecOps) (AI): Leading the SecOps squad to detect, investigate, and respond to threats, with an emphasis on AI-driven automation and detection engineering. Focus on designing SIEM architecture, scaling incident response workflows, and implementing detection-as-code to protect a multi-continent healthcare platform.

Location: Remote in Portugal. Candidates must possess a valid EU visa and be based in Portugal.

Salary: €50,400 - €79,200 a year (includes base, variable and equity)

Company

hirify.global is an AI-native healthcare platform pioneering AI Care to provide scalable, medical-reasoning based treatment for physical and mental health.

What you will do

  • Define the strategy and technical direction for the SOC, including the operating model, SIEM architecture, and incident response roadmap.
  • Drive an AI-first transformation of security operations by designing SOAR playbooks and LLM-assisted triage workflows.
  • Technically lead the SOC/CSIRT team, mentoring engineers and acting as the incident commander during major security events.
  • Own the end-to-end SIEM lifecycle and evolve detection-as-code content aligned with the MITRE ATT&CK framework.
  • Lead high-severity incident response from detection through containment, eradication, and post-incident review.
  • Operate threat intelligence and hunting programs to convert emerging TTPs into proactive hardening measures.

Requirements

  • Bachelor's degree in Computer Science, Cybersecurity, or equivalent professional experience.
  • Proven experience scaling a SOC through automation, SOAR, or ML-driven detection.
  • Deep expertise in SIEM tools (Splunk, Sentinel, Chronicle, Elastic) and ingestion architecture.
  • Experience as a technical lead for a SOC or CSIRT team, owning the full incident response lifecycle.
  • Strong proficiency in cloud environments (AWS and/or GCP) and scripting skills (Python, Go, or Bash).
  • Must possess a valid EU visa and be based in Portugal.

Nice to have

  • Experience in digital forensics and preserving digital evidence.
  • Working knowledge of NIST 800-61, CIS Controls, and ISO 27001.
  • Background in threat modeling and adversary emulation.

Culture & Benefits

  • Remote work allowance and flexible working hours.
  • Health, dental, and vision insurance.
  • Equity shares and meal allowance.
  • Discretionary vacation and a provided stock of snacks and beverages.

Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it: these are scammers. Be sure to click "Report" or write to support.