Security Analyst (f/m/d)

Full-time
Lisbon, Portugal
1 week ago
Your new role

As a Security Analyst (f/m/d) – Focus on SIEM (Wazuh), you will be a key part of our IT security team. Your primary focus will be on monitoring, analyzing, and optimizing our SIEM system, identifying and assessing security-related events, and proactively responding to threats.

A core aspect of your role is the technical maintenance and development of our Wazuh SIEM system. You will create and optimize detection mechanisms, analyze log data, and develop SIEM rules to enhance threat detection.

Additionally, you will support Vulnerability Management by evaluating security-critical topics. If you have experience in threat hunting and incident response, you can also contribute significantly in these areas.

This position offers you the opportunity to work in a dynamic environment, develop innovative security solutions, and continuously expand your knowledge.

The work you'll do

  • Maintaining, configuring, and enhancing our Wazuh SIEM system, including the optimization of detection mechanisms.
  • Analyzing and processing security incidents through log correlation and threat detection.
  • Developing and customizing SIEM rules, dashboards, and reports for precise incident detection.
  • Incident Response: Assisting in investigating and mitigating security incidents.
  • Collaborating with the Vulnerability Management Team to identify and prioritize security weaknesses.
  • Optional: If you have experience in threat hunting or forensics, you can actively contribute to proactive threat detection.
  • Basic automation of security-related processes using Shell or Python scripts to improve efficiency.

The qualifications you need

  • A degree in IT security, computer science, a recognized training qualification, or an equivalent qualification.
  • Experience with SIEM technologies, ideally with Wazuh.
  • Solid knowledge in analyzing security-relevant log data and threat detection.
  • Strong understanding of network security architectures, firewalls, and incident response processes.
  • Basic scripting knowledge (Shell or Python) for automating SIEM analysis. (If you have more advanced automation experience, even better!)
  • Experience in vulnerability management is beneficial but not mandatory.
  • Basic understanding of security risks (OWASP Top 10, SANS 25) and their evaluation using CVSS and CVE.
  • Analytical mindset, independent working style, and strong teamwork skills.
  • Certifications such as CISSP, CEH, or GIAC are a plus but not required – practical experience matters more to us.
  • Fluency in German and English (spoken and written) is required. 

What we can offer you

  • An unlimited fixed-term contract 
  • Flexible working hours and the option to work hybrid (2 days/week in the office)
  • Cozy and large workplaces with modern equipment and cordial colleagues in Lisbon (Barata Salgueiro 37) – super central
  • Funding of educational trainings and Rosetta Stone language courses
  • Additional vacation days (25 instead of 22)
  • One of the best health insurance plans with great coverage, including family members, free of charge (after probation period)
  • Meal allowance card and Pizza discounts
  • Subsidy of Urban Sports Membership
  • Public transportation subsidy
  • Laptop of your choice (Apple, Windows or Linux)
  • Regular team and company events
  • Fruit and beverages in the office