Act as the functional lead for the Lisbon DART unit, managing local team members and overseeing the day-to-day security response operations for the region.
Manage security response workflows and collaboration across both Coupang and Farfetch environments.
Lead and coordinate responses to complex security anomalies, intrusion attempts, and breaches; oversee root-cause analysis and comprehensive executive reporting.
Drive advanced threat-hunting initiatives across cloud, endpoint, and network environments to identify undetected threats.
Serve as the final escalation point for the SOC and provide expert guidance and technical mentorship to Senior engineers and analysts.
Continuously improve and standardize incident response policies, automated playbooks, and SOC operational processes.
Partner with global engineering and business leaders through clear, technical, and executive-level communication to neutralize threats and mitigate vulnerabilities.
Participate in and oversee the on-call rotation to ensure 24/7 response readiness for urgent security events.

You have ~10 years experience in Information Security, with at least 7+ years specifically dedicated to Cyber Security Incident Response (CSIRT) or Digital Forensics.
Experienced in a lead or managerial role, preferably within a global or regional office structure.
A professional with advanced hands-on experience analyzing and securing events within AWS, Azure or other major Cloud environments.
An expert in host-based investigations (Windows/Linux) and analyzing logs from EDR, HIPS, DLP, and SaaS solutions.
You demonstrate mastery of querying SIEM solutions and analyzing high-volume "big data" logs to identify sophisticated patterns of compromise.
Able to lead the automation of response workflows using Python, Bash, or PowerShell.
Knowledgeable of mitigating web-based security events using CDN solutions like Akamai or Cloudflare.
Graduate in Computer Science, Cybersecurity, or equivalent practical experience.
Advanced industry credentials such as GCIH, GCFA, GNFA, CISSP, or OSCP.
Deep understanding of container security (Kubernetes, Docker) and network forensics (packet analysis).
Experience operating SIEM platforms and developing custom detection use cases.
Fluency in English is required; proficiency in Portuguese or Korean is a plus for regional and headquarters coordination.

Health insurance for the whole family, flexible working environment and well-being support and tools
Extra days off, sabbatical program and days for you to give back for the community
Training opportunities and free access to Udemy
Flexible benefits program

Security Engineering Lead

Key skills