Your new role
As a Security Analyst (f/m/d) – Focus on SIEM (Wazuh), you will be a key part of our IT security team. Your primary focus will be on monitoring, analyzing, and optimizing our SIEM system, identifying and assessing security-related events, and proactively responding to threats.
A core aspect of your role is the technical maintenance and development of our Wazuh SIEM system. You will create and optimize detection mechanisms, analyze log data, and develop SIEM rules to enhance threat detection.
Additionally, you will support Vulnerability Management by evaluating security-critical topics. If you have experience in threat hunting and incident response, you can contribute significantly in these areas.
This position offers the opportunity to work in a dynamic environment, develop innovative security solutions, and continuously expand your knowledge.
The qualifications you need
- A degree in IT security, computer science, a recognized training qualification, or an equivalent qualification.
- Experience with SIEM technologies, ideally with Wazuh.
- Solid knowledge in analyzing security-relevant log data and threat detection.
- Strong understanding of network security architectures, firewalls, and incident response processes.
- Basic scripting knowledge (Shell or Python) for automating SIEM analysis. (Advanced automation experience is a plus!)
- Experience in vulnerability management is beneficial but not mandatory.
- Basic understanding of security risks (OWASP Top 10, SANS 25) and their evaluation using CVSS and CVE.
- Analytical mindset, independent working style, and strong teamwork skills.
- Certifications such as CISSP, CEH, or GIAC are a plus but not required – practical experience matters more.
- Fluency in German and English (spoken and written) is required.
The work you’ll do
- Maintaining, configuring, and enhancing our Wazuh SIEM system, including optimizing detection mechanisms.
- Analyzing and processing security incidents through log correlation and threat detection.
- Developing and customizing SIEM rules, dashboards, and reports for precise incident detection.
- Assisting in investigating and mitigating security incidents (Incident Response).
- Collaborating with the Vulnerability Management Team to identify and prioritize security weaknesses.
- Optional: Contributing to proactive threat detection if you have experience in threat hunting or forensics.
- Automating security-related processes using Shell or Python scripts to improve efficiency.
What we can offer you
- An unlimited fixed-term contract.
- Flexible working hours and the option to work hybrid (2 days/week in the office).
- Modern, spacious workplaces with modern equipment and friendly colleagues in Lisbon (Barata Salgueiro 37) – super central.
- Funding for educational training and Rosetta Stone language courses.
- Additional vacation days (25 instead of 22).
- Comprehensive health insurance coverage (including family members — free of charge after probation period).
- Meal allowance card and pizza discounts.
- Subsidy for Urban Sports Membership.
- Public transportation subsidy.
- Laptop of your choice (Apple, Windows, or Linux).
- Regular team and company events.
- Fruits and beverages in the office.