Senior Security Operations Engineer

Summary

Join Viator, a Tripadvisor company, as a Senior Security Operations Engineer and elevate our security processes. You will lead incident response, design SIEM solutions, develop runbooks and playbooks, and facilitate tabletop exercises. This role also involves mentoring junior engineers and improving incident resolution time. Viator is a remote-first company with this role primarily remote, requiring fortnightly visits to the Lisbon office. The position offers competitive compensation, flexible work arrangements, and various employee benefits.

Requirements

• Experience in security operations, incident management, and SIEM tool configuration
• In-depth experience with AWS and GCP
• Strong command of at least one programming language (Python, C#, Java, etc.)
• In-depth knowledge of advanced threat detection techniques, blue-team exercises, and incident response strategies
• Proven experience in designing and implementing complex security monitoring solutions
• Expertise in vulnerability assessments, threat hunting, and improving security processes
• Excellent communication and collaboration skills, capable of influencing cross-functional teams
• Ability to lead tabletop exercises, incident response drills, and post-incident reviews effectively
• A proactive and results-driven mindset with a focus on continuous operational improvement

Responsibilities

• Take ownership of security incidents, leading cross-functional teams to resolve issues and mitigate risks
• Design and implement advanced SIEM solutions, ensuring they integrate with various monitoring tools and provide robust event detection
• Develop advanced runbooks and playbooks that support complex incident types and cross-team collaboration
• Facilitate tabletop exercises with stakeholders across multiple departments to improve incident response procedures
• Oversee the implementation of security monitoring and ensure tools are aligned with best practices
• Mentor and coach junior engineers, providing guidance on threat intelligence, incident management, and security automation
• Refine and drive the implementation of playbooks and runbooks to ensure quick, effective response to complex security incidents
• Identify operational bottlenecks and suggest improvements to reduce incident resolution time

Preferred Qualifications

• Deep expertise with advanced SIEM platforms (e.g., Splunk, ArcSight, Wazuh or similar)
• Experience with security automation tools (SOAR), threat intelligence platforms, and incident response orchestration
• Familiarity with threat modelling, red-team/blue-team exercises, and advanced attack simulation techniques
• Experience with cloud security and infrastructure monitoring (AWS, Azure, GCP)
• Knowledge of network traffic analysis, endpoint detection, and network forensics
• Proficiency in scripting languages (e.g., Python, PowerShell, Bash) for automation and custom security tools
• Experience in managing large-scale security operations and security project management

Benefits

• Competitive compensation packages , including base salary, annual bonus, and equity
• ���Work your way” with flexibility to suit your lifestyle. We take a remote-friendly approach to collaboration, with the option to join on-site as often as you’d like in select locations
• Flexible schedule . Work-life balance is ingrained in our culture by design. Trust and accountability make it work
• Donation matching . Give back? Give more! We match qualifying charitable donations annually
• Tuition assistance . Want to level up your career? We love to hear it! Receive annual support for qualified programs
• Lifestyle benefit . An annual benefit to spend on yourself. Use it on travel, wellness, or whatever suits you
• Travel perks . We believe that travel is employee development, so we provide discounts and more
• Employee assistance program . We’re here for you with resources and programs to help you through life’s challenges
• Health benefits . We offer great coverage and competitive premiums