Devoteam Cyber Trust | SOC Analyst L1/L2 | Cybersecurity Sector
Devoteam Discover
Published on
26/05/2026
Contract
Permanent contract (CDI) · 1-3 months
Location
Lisboa, pt
Team size
Unknown
Desired profile
Communication · Listening skills
Tools & skills
Rigor, analytical mindset
The position in detail
Devoteam Cyber Trust is seeking a highly skilled and experienced Senior Security Operations Engineer to join the team. In this role, you will operate as a high-level Tier 1/2 analyst within a dynamic Security Operations Centre (SOC), responsible for safeguarding the environment through investigation, incident response, and proactive threat hunting. The position requires combining technical execution with leadership, acting as an escalation point for associate analysts, and contributing to the security posture of a global identity management organisation.
Responsibilities:
Stay updated on emerging threats and cybersecurity best practices, continuously improving security operations and procedures
Participate in an off-hours on-call rotation to ensure continuous security coverage
Ensure timely resolution of security cases, operating within defined SLAs
Produce detailed technical incident reports and communicate findings to stakeholders
Conduct front-line investigations of security alerts, ensuring thorough analysis and coordination with partner teams
Assess the scope and impact of security risks and drive mitigation and resolution activities
Monitor security investigations, perform analysis, and apply remedial or protective actions
Proactively hunt for suspicious or malicious activity using threat intelligence and advanced analytics
Act as an escalation point for associate analysts, guiding complex cases
Participate in the global incident response team during major incidents and contribute to post-incident reviews
Requirements:
Proven experience in Security Operations as a Tier 1/2 analyst, with end-to-end investigation experience
Strong commitment to continuous learning and awareness of cybersecurity trends and emerging threats
Ability to work on-call and manage time effectively in high-pressure environments
Experience working within SLA-driven frameworks and producing high-quality technical documentation
Intermediate knowledge of security frameworks such as NIST CSF, MITRE ATT&CK, and OWASP
Technical proficiency in risk assessment and mitigation in complex environments
Hands-on experience with EDR solutions, SASE providers, and Identity Protection controls
Intermediate knowledge of the AWS Security Stack
Familiarity with Detection-as-Code methodologies and their principles
Experience as a senior team member or escalation point supporting junior analysts
Experience in incident response teams, particularly in large-scale incident management
Full professional proficiency in English and Portuguese
Nice to have:
Certifications such as CompTIA Security+, GCIH, GCDA, or AWS Certified Security – Specialty
Experience with password management security or high-sensitivity identity data environments
Experience in a fully remote, global SOC environment
The Devoteam Group works for equal opportunities, promotes its employees based on merit, and actively fights against all forms of discrimination. We are convinced that diversity contributes to the creativity, dynamism and excellence of our organization. All of our vacancies are open to people with disabilities.
Devoteam Cyber Trust is the Cybersecurity specialist arm of the Devoteam Group. With our 800+ experts located across EMEA, we aim to establish cybersecurity as an enabler of business success rather than a gatekeeper. We leverage an end-to-end approach to Cyber Resilience, Applied Security, and Managed Security services to secure the tech journey of large and medium-sized companies from all sectors and industries.
Since 2009, previously known as INTEGRITY, our team based in Portugal is specialised in providing cutting-edge Managed Security Services that combine its expertise and proprietary technology to consistently and effectively reduce the cyber risk of our clients.
The comprehensive service range includes Persistent Intrusion Testing, ISO 27001, PCI-DSS, GRC Consulting and Solutions, and Third-Party Risk Management. ISO 27001 (Information Security) and ISO 9001 (Quality) certified, PCI-QSA, and member of CREST and CIS - Centre for Internet Security, we provide services to a considerable number of clients, operating in more than 20 countries.