Alter Solutions Portugal is hiring a
L3 SOC Analyst / Incident Responder

💵 ~$105k-$157k
📍 Remote - Canada

Summary

Join our cybersecurity team as an experienced L3 SOC Analyst / Incident Responder to lead advanced threat detection and incident response activities and to drive the continuous improvement of our security operations.

Requirements

  • 5+ years of experience in a SOC environment, with a focus on incident response and advanced threat detection
  • Proven track record of handling complex security incidents and conducting forensic investigations
  • Expertise in SIEM platforms (e.g., Splunk, QRadar), IDS/IPS, firewalls, and endpoint detection and response (EDR) tools
  • Proficiency in scripting languages (e.g., Python, PowerShell) for automation and custom detection use cases
  • Strong understanding of network protocols, malware analysis, and cybersecurity frameworks (e.g., MITRE ATT&CK, NIST)
  • Experience with threat hunting techniques and tools, as well as familiarity with threat intelligence platforms
  • Excellent problem-solving skills and the ability to work under pressure during high-stress incidents
  • Strong communication skills, capable of explaining technical issues to both technical and non-technical stakeholders
  • A proactive mindset with a passion for staying current with the latest cybersecurity trends and threats

Responsibilities

  • Monitor and analyze security events from various sources, including SIEM, EDR, NDR, firewalls, and other protection systems
  • Identify and respond to advanced persistent threats (APTs) and complex security incidents
  • Lead incident response efforts, including investigation, containment, eradication, and recovery
  • Coordinate with other teams to manage and mitigate security incidents, ensuring minimal impact on business operations
  • Perform in-depth forensic analysis on compromised systems, including malware analysis, network traffic analysis, and log analysis
  • Document findings and provide detailed incident reports
  • Proactively hunt for hidden threats in the network, using threat intelligence, behavioral analysis, and anomaly detection techniques
  • Identify and mitigate potential security risks before they escalate
  • Collaborate with the SOC team to continuously improve detection capabilities, including tuning and optimizing SIEM rules, developing custom scripts, and integrating new tools and technologies
  • Provide guidance and mentorship to junior SOC analysts (L1/L2), sharing knowledge and best practices for incident response and threat detection
  • Prepare detailed post-incident reports that include root cause analysis, impact assessments, and recommendations for future prevention measures
  • Communicate findings to senior management and relevant stakeholders
  • Develop and maintain incident response playbooks, ensuring they are up-to-date and aligned with the latest threat landscape and industry best practices
  • Work closely with other IT and security teams, including vulnerability management, IT operations, and network security, to strengthen the organization’s overall security posture

Benefits

  • Remote work available for a majority of our projects
  • A Flex Office work environment available to everyone at all times to promote communication and collaboration
  • Expert communities to share and disseminate skills within the group
  • Close project management and HR support
  • Annual training and certification opportunities
  • Recognition of our consultants' growing expertise
  • Strong openness to short-term or long-term international mobility
