Security Operations Engineer II

Tripadvisor
Summary
Join Viator as a Security Operations Engineer II and elevate our security processes through event data analysis, incident response, tooling, and automation. Collaborate closely with various teams, championing security-conscious decisions. This remote-first role, based within commuting distance of our Lisbon office, involves periodic in-person gatherings. You will take ownership of security incidents, design and implement SIEM solutions, develop runbooks and playbooks, and facilitate tabletop exercises. The position requires experience in security operations, incident management, and SIEM tool configuration, along with expertise in AWS and GCP. Viator offers competitive compensation, flexible work arrangements, and various employee benefits.
Requirements
- Experience in security operations, incident management, and SIEM tool configuration
- In-depth experience with AWS and GCP
- Strong command of at least one programming language (Python, C#, Java, etc.)
- Knowledge of advanced threat detection techniques, blue-team exercises, and incident response strategies
- Proven experience in designing and implementing complex security monitoring solutions
- Expertise in vulnerability assessments, threat hunting, and improving security processes
- Excellent communication and collaboration skills, capable of influencing cross-functional teams
- A proactive and results-driven mindset with a focus on continuous operational improvement
Responsibilities
- Take ownership of security incidents, leading cross-functional teams to resolve issues and mitigate risks
- Design and implement advanced SIEM solutions, ensuring they integrate with various monitoring tools and provide robust event detection
- Develop advanced runbooks and playbooks that support complex incident types and cross-team collaboration
- Facilitate tabletop exercises with stakeholders across multiple departments to improve incident response procedures
- Oversee the implementation of security monitoring and ensure tools are aligned with best practices
- Refine and drive the implementation of playbooks and runbooks to ensure quick, effective response to complex security incidents
- Identify operational bottlenecks and suggest improvements to reduce incident resolution time
Preferred Qualifications
- Expertise with advanced SIEM platforms (e.g., Splunk, ArcSight, Wazuh or similar)
- Experience with security automation tools (SOAR), threat intelligence platforms, and incident response orchestration
- Familiarity with threat modelling, red-team/blue-team exercises, and advanced attack simulation techniques
- Experience with cloud security and infrastructure monitoring (AWS, Azure, GCP)
- Knowledge of network traffic analysis, endpoint detection, and network forensics
- Proficiency in scripting languages (e.g., Python, PowerShell, Bash) for automation and custom security tools
Benefits
- Competitive compensation packages, including base salary, annual bonus, and equity
- “Work your way” with flexibility to suit your lifestyle. We take a remote-friendly approach to collaboration, with the option to join on-site as often as you’d like in select locations
- Flexible schedule. Work-life balance is ingrained in our culture by design. Trust and accountability make it work
- Donation matching. Give back? Give more! We match qualifying charitable donations annually
- Tuition assistance. Want to level up your career? We love to hear it! Receive annual support for qualified programs
- Lifestyle benefit. An annual benefit to spend on yourself. Use it on travel, wellness, or whatever suits you
- Travel perks. We believe that travel is employee development, so we provide discounts and more
- Employee assistance program. We’re here for you with resources and programs to help you through life’s challenges
- Health benefits. We offer great coverage and competitive premiums