Security Operations Lead
New
PortoFull-TimeLead
Salary50,400 - 79,200 EUR per year
Apply NowOpens the employer's application page
Job Details
- Required Skills
- AWSPythonBashGCPGo
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, or equivalent experience.
- Proven experience scaling a SOC through automation and AI (SOAR, LLM-assisted triage, ML-driven detection).
- Hands-on experience structuring or maturing a SOC.
- Deep SIEM expertise (e.g., Splunk, Sentinel, Chronicle, Elastic).
- Prior experience as the technical lead of a SOC or CSIRT team.
- Strong incident response track record leading high-severity investigations.
- Experience in cloud environments (AWS and/or GCP).
- Strong scripting and development skills (Python, Go, Bash).
- Working knowledge of EDR/XDR, identity, and network detection telemetry.
- Fluency with security frameworks (NIST 800-61, CIS Controls, MITRE ATT&CK, ISO 27001).
- Background in threat modeling and adversary emulation.
- Excellent communication and cross-functional leadership skills.
- Digital forensics experience.
Responsibilities
- Set the strategy and technical direction for Sword’s Security Operations Center.
- Drive an AI- and automation-first transformation of security operations using SOAR and LLM-assisted workflows.
- Lead the SOC/CSIRT team, mentor engineers, and act as incident commander.
- Own the SIEM end-to-end and evolve detection-as-code content.
- Manage high-severity incident response from detection through recovery and post-incident review.
- Run threat intelligence and threat hunting programs.
- Define and report on SOC performance metrics to drive continuous improvement.
- Influence security architecture and engineering decisions across the company.
- Establish and improve incident response playbooks and tabletop exercises.
View Full Description & ApplyYou'll be redirected to the employer's site