Cyber Incident Analyst

This is a fully remote position, open to applicants in Portugal.

📋 Description

• Cyber Incident Response and event management.

• Participate in security incident response efforts, overseeing triage, containment, documentation, and the reporting process.

• Play a key role in the Cyber Incident Response process from a technical standpoint, ensuring effective management of all cyber incidents.

• Assist the Incident Manager in facilitating post-incident reviews.

• Work together with global stakeholders in technical discussions to synchronize response efforts and communicate efficiently with technical audiences during incidents.

• Utilize Incident Analysis context to pinpoint gaps and enhance detection and response capabilities through refining use cases, developing automation, and documenting procedures.

• Handle incident responses and manage tickets from start to finish with a commitment to quality.

• Perform investigations on hosts and networks to identify and mitigate malicious activities utilizing tools such as Sysinternals, Wireshark, and TCPDump.

• Conduct log analysis across operating systems, web applications, network devices, and security tools (e.g., Anti-malware, EDR, IDS, WAF, DLP).

• Engage in research and intelligence gathering using OSINT tools like Shodan and VirusTotal.

⛳️ Requirements

• A minimum of 3 years of experience in cybersecurity or closely related fields, with at least 2 years in a SOC or incident response role; candidates with relevant Cyber Security knowledge demonstrating essential skills may also be considered.

• Advanced certifications (e.g., GCIA, GSEC, CEH, GCDA, GCIH, GCFA, OSCP) are preferred but not mandatory.

• Demonstrated self-learning capabilities through research, GitHub projects, bug hunting, active involvement in public cybersecurity forums, or high performance on platforms like HTB, Immersive Labs, TryHackMe, and SANS CTF is advantageous.

• Strong experience in query languages such as KQL and Logscale for investigations and log analysis is highly favorable.

• Some experience in programming, including languages such as C, Python, Go, and/or others is desirable.

• Familiarity with assembly language is a plus, though not essential.

• Experience in User Interface/User Experience (UI/UX) design and development is advantageous but not required.

• Proficiency in the development and deployment of dockerized applications is desirable but not essential.

• Experience across various platforms (Linux, MacOS, mobile, etc.) is expected.

• A background in intelligence work is a bonus.

• Knowledge of scripting languages (e.g., Bash, Python, PowerShell) for automation and process enhancement is favorable.

🏝️ Benefits

• Flexible working arrangement: Remote work with occasional in-person team building activities.

• Collaborative Culture: Experience a supportive and inclusive work environment that values teamwork and innovation. We believe in open communication and knowledge sharing, ensuring that every team member feels empowered and valued.

• Work-Life Balance: We recognize the significance of maintaining a healthy work-life balance. Our flexible working arrangements and supportive policies enable you to excel in your role while enjoying your personal life.