108 Empregos para Analista De Soc - Portugal

Decskill, founded in 2014 as an IT Consulting Company, places paramount importance on its greatest asset: its people. Our main mission is to deliver value through knowledge and talent, and we achieve this by fostering a culture of excellence and investing in the development and well-being of our people. With over 600 dedicated professionals and offices in Lisbon, Porto, Madrid, and Luxembourg, Decskill operates across three core areas:

Decskill Talent: We believe that our people are key to our success. Through Decskill Talent, we empower our team to embrace the digital transformation challenges of our clients. We collaborate with clients to drive innovation, ensuring project success and business growth.

Decskill Boost: Equipping our team with the latest tools and methodologies, we optimize Time-to-Market and deliver innovative solutions exceeding client expectations.

Decskill Connect: Our team collaborates closely with clients to implement and manage IT infrastructures that generate long-term value.

At Decskill, we believe that by nurturing and empowering our people to confront the challenges of digital transformation, we create value not only for our clients but also for our entire ecosystem, fostering a digital community dedicated to growth and progress.

We are looking for a SOC Analyst for a hybrid position (Porto).

Integrated within the Security Operation Center (SOC), the Blue Team is the first line of defence, responsible for defending the enterprise's use of information systems by maintaining its security posture against attackers.

The candidate will have 3 main missions:

1) Analysis:

• Participation in improving correlation and log analysis rules with Splunk
• Mastery of diverse alert investigations linked to different Tactics, Techniques and Procedures
• Conduct prioritization, investigations, research of compromission and blocking actions
• Interpret or perform first level (Sandbox or manual) minimum scans on malicious codes

2) Response to incidents :

• Being able to communicate and escalate efficiently to upper management in case of confirmed incident
• Be the point of reference for technical investigation during incident with less senior SOC analysts
• Perform retro hunting. Qualify and analyze these elements to determine the cause of the incident, the mode of operation of the attack (vulnerabilities use, tactics, technics, procedures), the scope and the perimeter of compromise

3) Knowledge transfer:

• Knowledge transferring in-house knowledge and writing documentation
• Being able to support the up skilling of less senior SOC analyst

Requisitions:

1) SIEM/SOAR

• Knowledge of the operating principles of Information Monitoring and Security Event Solutions (SIEM).
• Good experience of Splunk and Regex search syntax.
• Good experience of theHive

3) SYSTEM/NETWORK

• Good knowledge of network and system architectures
• Knowledge of the operation of intrusion detection probes and event log correlation tools

4) SECURITY:

• Good knowledge of Mitre Attack framework and counter measures link to the technics and tactics
• Good knowledge of Information monitoring and analysis tools and methods.
• Good knowledge of the security standards for different technologies (web servers, messaging, database, DNS, proxy, firewall, etc.)
• Have a good knowledge on one or more of the following topics:
• Web application vulnerabilities
• Malware types (rootkit, ransomware, botnet, etc.)
• Obfuscation and persistence technics (cryptography, packing, etc.).
• Digital investigation/analysis tools
• SandBox behavioral

If you’re interested in this job please send your CV in English to

Decskill is committed to equality and non-discrimination with all our talents. We recruit and promote talent, based on diversity and inclusion, regardless of age, gender, ethnicity, race, nationality or any other form of discrimination incompatible with the dignity of the human being. The ideal candidate will be responsible for creating, installing and managing our databases. You will ensure optimal database performance by analyzing database issues and monitoring database performance.

About Us

Planck Technologies is a company specialized in Software Development, dedicated to shaping futures and creating value through innovative IT solutions. By expanding teams and offering a comprehensive range of services—from Software Development and Infrastructure Management to Cybersecurity—we empower clients with all the expertise they need in one place. Inspired by the principles of quantum physics, we push beyond traditional boundaries to deliver customized solutions that redefine the IT landscape and drive shared success.

About the job (Location: Onsite, Brussels)

• Monitor and respond to cybersecurity incidents, ensuring business continuity.
• Investigate, analyse, and contain threats, applying incident response best practices.
• Develop and maintain incident handling procedures and response plans.
• Assess and mitigate vulnerabilities across systems and infrastructures.
• Collaborate with SOCs and internal stakeholders on incident reporting and resolution.
• Document findings, actions, and lessons learned to strengthen security posture.

What are we looking for?

• Minimum 13 years of relevant experience plus a Bachelor’s degree in IT or related field.
• Proven expertise in incident detection, response, and recovery.
• Strong knowledge of operating systems, networks, cloud environments, and emerging technologies.
• Hands-on experience in forensics, malware analysis, penetration testing, and log analysis.
• Ability to work effectively under pressure and communicate clearly with stakeholders.
• Relevant certifications (e.g., GCIH, GCFA, GNFA, GREM).

Location: Onsite, Brussels

We're waiting for you !

A PrimeIT é uma empresa de referência, com 19 anos de experiência na prestação de serviços tecnológicos de IT, Telecomunicações e Engenharia.

Especializados em Team Extension, Managed Services, Custom Software e Nearshore, contamos actualmente com uma equipa de mais de 2350 profissionais que colaboram em projectos nacionais e internacionais nas mais diversas tecnologias.

Estamos à procura de um SOC L2 para integrar um dos nossos projetos!

Objetivo:

• Realizar investigação e tratamento de incidentes escalonados pelo N1, garantindo diagnóstico técnico preciso.
• Executar ações de contenção, correção e acompanhamento de falhas em sistemas, redes e segurança.
• Documentar soluções, apoiar a melhoria contínua de processos e atualizar a base de conhecimento.
• Fortes conhecimentos em SIEM,SOAR e Playbooks

Indispensável:

Experiência comprovada em SIEM, criação de Uses Cases, elaboração de Playbooks.

Competências tecnicas:

Soluções de Ticketing |Workflows (Remedy)

O que oferecemos?

• Seguro de Saúde e outros benefícios.
• Plano de Formação e Desenvolvimento.
• Oportunidades de crescimento profissional.
• Ambiente dinâmico e colaborativo.
• Possibilidade de integrar projetos internacionais.

A PrimeIT é uma empresa de referência, com 19 anos de experiência na prestação de serviços tecnológicos de IT, Telecomunicações e Engenharia.

Especializados em Team Extension, Managed Services, Custom Software e Nearshore, contamos actualmente com uma equipa de mais de 2350 profissionais que colaboram em projectos nacionais e internacionais nas mais diversas tecnologias.

Objetivo:

Analista Blue Team, responsável por resposta a incidentes de segurança, criação e orquestração de playbooks.

Principais atividades:

• Criação de Uses Cases, resposta a incidentes de segurança, gestão e manutenção de playbooks.
• Experiência em FortiSiem.
• Desejável certificações na área de cybersecurity.

Regime: presencial, no período noturno 22:00-07:00, estacionamento incluso se necessário.

O que oferecemos?

• Seguro de Saúde e outros benefícios.
• Plano de Formação e Desenvolvimento.
• Oportunidades de crescimento profissional.
• Ambiente dinâmico e colaborativo.
• Possibilidade de integrar projetos internacionais.

A PrimeIT é uma empresa líder com 19 escritórios internacionais, focada em fornecer serviços de IT, Telecomunicações e Engenharia . Impulsionamos o negócio dos nossos parceiros, utilizando a tecnologia mais avançada e os melhores profissionais do setor. Os nossos 17 anos de experiência tornam-nos especialistas em Team Extension, Nearshore, Managed Services e Custom Software . Para isso, contamos atualmente com uma equipa de mais de 2350 profissionais que colaboram em projetos nacionais e internacionais nas mais diversas tecnologias.

LISBOA | PORTO | MADRID | BARCELONA | PARIS | LYON | NANTES | LILLE | AIX-EN-PROVENCE | BORDEAUX | GRENOBLE | TOURS | MILANO | GENÈVE | KATOWICE | WARSZAWA | WROCŁAW | LONDON | SÃO PAULO

We're looking for a SOC Analyst.

The candidate will have 3 main missions - Analysis, Handling incidents and Training.

Knowledge of the operating principles of Information Monitoring and Security Event Solutions (SIEM)

Good knowledge of network and systems architectures.

Good knowledge of the security standards for different technologies (web servers, messaging, database, DNS, proxy, firewall, etc.)

English fluency

What do we offer?

Integration into an international company that is growing daily;

Constant training in the latest and most innovative technologies - Prime Academy;

Coaching and career progression.

Send your CV to and join the PrimeIT team!

PrimeIT é uma empresa de referência, com 18 anos de experiência na prestação de serviços tecnológicos de IT, Telecomunicações e Engenharia.

Especializados em Team Extension, Managed Services, Custom Software e Nearshore, contamos actualmente com uma equipa de mais de 2350 profissionais que colaboram em projectos nacionais e internacionais nas mais diversas tecnologias.

Estamos à procura de um SOC Analyst L1 para este projeto!

O que procuramos?

• Experiência em monitorização de SIEM;
• Experiência na criação de uses cases;
• Experiência na resposta a incidentes de segurança e verificação efetiva da sua resolução;
• Disponibilidade para trabalhar por turnos 24/7.

O que oferecemos?

• Integração numa empresa de dimensão internacional com presença em mais de 50 cidades no mundo;
• Formação constante nas mais recentes e inovadoras tecnologias – Prime Academy;
• Acompanhamento e progressão de carreira.

Envia o teu CV e junta-te à equipa Prime!

We are seeking a Level 2 Cybersecurity Analyst to join our SOC team. You will be responsible for investigating and responding to security incidents, mentoring Level 1 analysts, and strengthening defenses against emerging threats.

What you’ll do

• Provide L2 support focused on monitoring, analysis, and incident response.
• Investigate security incidents and escalate when needed.
• Perform log analysis, threat hunting, and fine-tune detection rules.
• Support and guide L1 analysts in daily operations.
• Manage SOC tickets and ensure timely resolution.

Tech we use

• SIEM: Microsoft Sentinel (KQL), Coralogix
• EDR/XDR: Microsoft Defender Suite, CrowdStrike
• Cloud: AWS GuardDuty, Cloudflare WAF
• Network/Security: Checkpoint, Netscaler, Palo Alto

About you

• SOC or MSSP experience.
• Strong knowledge of SIEM, EDR/XDR, and security frameworks (MITRE, NIST, OWASP).
• Solid understanding of IT infrastructure, Windows/Linux, and networking.

Decskill, founded in 2014 as an IT Consulting Company, places paramount importance on its greatest asset: its people. Our main mission is to deliver value through knowledge and talent, and we achieve this by fostering a culture of excellence and investing in the development and well-being of our people. With over 600 dedicated professionals and offices in Lisbon, Porto, Madrid, and Luxembourg, Decskill operates across three core areas:

Decskill Talent: We believe that our people are key to our success. Through Decskill Talent, we empower our team to embrace the digital transformation challenges of our clients. We collaborate with clients to drive innovation, ensuring project success and business growth.

Decskill Boost: Equipping our team with the latest tools and methodologies, we optimize Time-to-Market and deliver innovative solutions exceeding client expectations.

Decskill Connect: Our team collaborates closely with clients to implement and manage IT infrastructures that generate long-term value.

At Decskill, we believe that by nurturing and empowering our people to confront the challenges of digital transformation, we create value not only for our clients but also for our entire ecosystem, fostering a digital community dedicated to growth and progress.

We are looking for a SOC Analyst for a hybrid position (Porto).

Integrated within the Security Operation Center (SOC), the Blue Team is the first line of defence, responsible for defending the enterprise's use of information systems by maintaining its security posture against attackers.

The candidate will have 3 main missions:

1) Analysis:

• Participation in improving correlation and log analysis rules with Splunk
• Mastery of diverse alert investigations linked to different Tactics, Techniques and Procedures
• Conduct prioritization, investigations, research of compromission and blocking actions
• Interpret or perform first level (Sandbox or manual) minimum scans on malicious codes

2) Response to incidents :

• Being able to communicate and escalate efficiently to upper management in case of confirmed incident
• Be the point of reference for technical investigation during incident with less senior SOC analysts
• Perform retro hunting. Qualify and analyze these elements to determine the cause of the incident, the mode of operation of the attack (vulnerabilities use, tactics, technics, procedures), the scope and the perimeter of compromise

3) Knowledge transfer:

• Knowledge transferring in-house knowledge and writing documentation
• Being able to support the up skilling of less senior SOC analyst

Requisitions:

1) SIEM/SOAR

• Knowledge of the operating principles of Information Monitoring and Security Event Solutions (SIEM).
• Good experience of Splunk and Regex search syntax.
• Good experience of theHive

3) SYSTEM/NETWORK

• Good knowledge of network and system architectures
• Knowledge of the operation of intrusion detection probes and event log correlation tools

4) SECURITY:

• Good knowledge of Mitre Attack framework and counter measures link to the technics and tactics
• Good knowledge of Information monitoring and analysis tools and methods.
• Good knowledge of the security standards for different technologies (web servers, messaging, database, DNS, proxy, firewall, etc.)
• Have a good knowledge on one or more of the following topics:
• Web application vulnerabilities
• Malware types (rootkit, ransomware, botnet, etc.)
• Obfuscation and persistence technics (cryptography, packing, etc.).
• Digital investigation/analysis tools
• SandBox behavioral

If you’re interested in this job please send your CV in English to

Decskill is committed to equality and non-discrimination with all our talents. We recruit and promote talent, based on diversity and inclusion, regardless of age, gender, ethnicity, race, nationality or any other form of discrimination incompatible with the dignity of the human being.The ideal candidate will be responsible for creating, installing and managing our databases. You will ensure optimal database performance by analyzing database issues and monitoring database performance.

PrimeIT é uma empresa de referência, com 18 anos de experiência na prestação de serviços tecnológicos de IT, Telecomunicações e Engenharia.

Especializados em Team Extension, Managed Services, Custom Software e Nearshore, contamos actualmente com uma equipa de mais de 2350 profissionais que colaboram em projectos nacionais e internacionais nas mais diversas tecnologias.

Estamos à procura de um SOC Analyst L1 para este projeto!

O que procuramos?

• Experiência em monitorização de SIEM;
• Experiência na criação de uses cases;
• Experiência na resposta a incidentes de segurança e verificação efetiva da sua resolução;
• Disponibilidade para trabalhar por turnos 24/7.

O que oferecemos?

• Integração numa empresa de dimensão internacional com presença em mais de 50 cidades no mundo;
• Formação constante nas mais recentes e inovadoras tecnologias – Prime Academy;
• Acompanhamento e progressão de carreira.

Envia o teu CV e junta-te à equipa Prime!