As a Senior Security Analyst focused on Incident Response (IR), Threat Intelligence (TI), and Threat Hunting, you will play a critical role in defending OutSystems’ digital assets and global operations. You will lead and support complex investigations, proactively detect threats, and help drive strategic improvements in our security operations capabilities. This is a senior, hands-on technical position within a 24/7 global SOC, requiring deep expertise in attacker TTPs, proactive threat detection, and incident management.
Own complex incident investigations end-to-end, from detection to containment and remediation. Conduct root cause analysis and post-incident reviews.
Continuously hunt for anomalies and threats across on-prem and cloud environments using threat intelligence, analytics, and behavioral patterns.
Monitor global threat actor activity, transform raw intel into actionable defense strategies, and collaborate with internal teams to harden security posture of OutSystems.
Work with engineering and DevSecOps teams to improve detection coverage, enrich SIEM use cases, and automate response processes.
Develop, optimize, and maintain incident response and threat hunting playbooks, ensuring operational excellence and consistency.
Identify gaps, suggest improvements, and contribute to capability building for detection, response, and threat modeling.
4–6+ years of experience in a SOC, MDR, or enterprise security team with hands-on IR, TI, or Threat Hunting focus.
In-depth knowledge of the MITRE ATT&CK Framework, Cyber Kill Chain, and adversary TTPs.
Strong understanding of SIEM tools (e.g., Splunk, Sentinel, QRadar), EDR, and other detection technologies.
Proficiency with scripting or query languages (e.g., Python, PowerShell, KQL, YARA).
Familiarity with AWS, Azure, and/or other cloud environments.
Familiarity with web technologies and protocols (web applications, APIs, service-oriented architectures) and the threats against them.
Experience with log analysis, forensic tools, and threat intelligence platforms (e.g., MISP, ThreatConnect).
Ability to translate technical findings into clear, actionable insights for technical and non-technical audiences.
Strong written and verbal communication skills, with experience presenting to stakeholders or executive teams.