Security Operations Lead

New
PortoFull-TimeLead
Salary50,400 - 79,200 EUR per year
Apply NowOpens the employer's application page

Job Details

Required Skills
AWSPythonBashGCPGo

Requirements

  • Bachelor’s degree in Computer Science, Cybersecurity, or equivalent experience.
  • Proven experience scaling a SOC through automation and AI (SOAR, LLM-assisted triage, ML-driven detection).
  • Hands-on experience structuring or maturing a SOC.
  • Deep SIEM expertise (e.g., Splunk, Sentinel, Chronicle, Elastic).
  • Prior experience as the technical lead of a SOC or CSIRT team.
  • Strong incident response track record leading high-severity investigations.
  • Experience in cloud environments (AWS and/or GCP).
  • Strong scripting and development skills (Python, Go, Bash).
  • Working knowledge of EDR/XDR, identity, and network detection telemetry.
  • Fluency with security frameworks (NIST 800-61, CIS Controls, MITRE ATT&CK, ISO 27001).
  • Background in threat modeling and adversary emulation.
  • Excellent communication and cross-functional leadership skills.
  • Digital forensics experience.

Responsibilities

  • Set the strategy and technical direction for Sword’s Security Operations Center.
  • Drive an AI- and automation-first transformation of security operations using SOAR and LLM-assisted workflows.
  • Lead the SOC/CSIRT team, mentor engineers, and act as incident commander.
  • Own the SIEM end-to-end and evolve detection-as-code content.
  • Manage high-severity incident response from detection through recovery and post-incident review.
  • Run threat intelligence and threat hunting programs.
  • Define and report on SOC performance metrics to drive continuous improvement.
  • Influence security architecture and engineering decisions across the company.
  • Establish and improve incident response playbooks and tabletop exercises.
View Full Description & ApplyYou'll be redirected to the employer's site
50,400 - 79,200 EUR per year
Apply Now