
SOC Analyst L1/L2 – Cybersecurity
Posted May 25

This is a fully remote position, open to applicants in Portugal.
• Stay informed about emerging threats and best practices in cybersecurity, continuously enhancing security operations and processes.
• Participate in an off-hours on-call rotation to maintain uninterrupted security coverage.
• Ensure prompt resolution of security incidents while adhering to defined service level agreements (SLAs).
• Generate comprehensive technical incident reports and relay findings to relevant stakeholders.
• Conduct initial investigations of security alerts, ensuring thorough analysis and collaboration with partner teams.
• Evaluate the scope and impact of security threats and lead mitigation and resolution efforts.
• Oversee security investigations, conduct analyses, and implement protective or remedial measures.
• Actively search for suspicious or malicious activities utilizing threat intelligence and advanced analytics.
• Serve as an escalation point for associate analysts, providing guidance on complex cases.
• Contribute to the global incident response team during significant incidents and assist in post-incident evaluations.
• Demonstrated experience in Security Operations as a Tier 1/2 analyst, with comprehensive investigation skills.
• Strong dedication to ongoing learning and awareness of cybersecurity trends and emerging threats.
• Ability to handle on-call duties and effectively manage time in high-pressure situations.
• Experience working within SLA-driven environments and producing high-quality technical documentation.
• Intermediate understanding of security frameworks such as NIST CSF, MITRE ATT&CK, and OWASP.
• Technical expertise in risk assessment and mitigation within complex environments.
• Practical experience with EDR solutions, SASE providers, and Identity Protection controls.
• Intermediate knowledge of the AWS Security Stack.
• Familiarity with Detection-as-Code methodologies and their underlying principles.
• Experience as a senior team member or escalation support for junior analysts.
• Background in incident response teams, especially in managing large-scale incidents.
• Full professional proficiency in both English and Portuguese.
• Certifications such as CompTIA Security+, GCIH, GCDA, or AWS Certified Security – Specialty (preferred).
• Experience with password management security or handling high-sensitivity identity data environments (preferred).
• Experience in a fully remote, global SOC environment (preferred).
• Health insurance
• Flexible work arrangements
• Professional development opportunities