Cybersecurity Operations Lead

Cybersecurity Operations Lead

There's no secret to become number-one, it takes willingness to improve and determination to pursue it.

At GRiT®, it’s all about the journey getting there.

We trust talent and intelligence are important, yet passion and perseverance are key to achieving any goal.

We are Tech Passionate People with a Purpose, delivering solutions while building strong long-term relations.

Recognizing each person’s unique contribution to our collective success, we embrace inclusion and diversity, committed to creating a respectful and socially responsible environment.

People.

Technology.

Innovation.

All-around it.

Are you GRiTTY enough to be part of our journey?

Take the first step by applying now and let’s create our future together.

Job Description: We are looking for a strategic and technical leader to take charge of our client Cybersecurity Operations (Cybersecurity Operations Lead/Manager).

Your main objective will be to ensure the excellence of our SOC, security engineering, and incident response, guaranteeing that service levels (SLAs/KPIs) are consistently met through automation and continuous improvement.

This is not just a high-level management role, we are looking for someone with true hands-on execution capabilities who will act as the ultimate focal point (Tier 3) for complex major incidents, expertly managing both internal teams and external partners (MSSP/MDR).

Must-Have:

Solid Experience: 7+ years in Cybersecurity Operations, with a strong background in SOC, security engineering, and vulnerability/exposure management.

Proven Leadership: 3+ years of experience managing internal technical teams and driving the performance of external vendors and partners (MSSP/MDR governance).

Hands-on & Tier 3 Expertise: Proven ability to execute advanced cybersecurity operations and act as the primary Tier 3 focal point for major incident resolution.

Service Management: Experience in designing service frameworks, defining service catalogs, and measuring operational KPIs and SLAs.

Languages: Mandatory fluency in both Portuguese and English (written and spoken).

Location: Available to work in a Hybrid model based in Porto.

Would be great if you have:

Strong mastery of the Identity Security ecosystem (e.g., Microsoft Entra ID, MDI, Conditional Access policies, and PIM/PAM).

Experience with incident response automation and orchestration (SOAR playbooks, auto-containment, MIM runbooks).

Knowledge of Cloud Security (Defender for Cloud, CSPM/CWPP) and/or OT/ICS network monitoring.

Advanced practices in Exposure Management, going beyond traditional scanning (e.g., Attack Surface Management, BOM/SBOM, threat-informed prioritization like EPSS/KEV).

Hands-on experience in the full lifecycle of Detection Engineering and regular Threat Hunting cadences.

Familiarity with integrating Data Security Ops (DLP, Insider Risk) and Business Continuity plans (DR/BCP, including tabletop exercises).

What’s in it for you:

Continuous Training and Certifications

GRiT Prizes: GRiT Baby Gift, GRiT Birthday Prize, GRiT Recommendation Prize

Exclusive Partnerships/Discounts: (Gym, Health, Well-being, Lifestyle, Financial, etc…)

Unique Events

Welcoming Office (Fruit, Coffee, Pool Table, etc.)

Competitive Compensation

Pay for Performance

#TechWithPassion - Fuel your fire, join our tech tribe!

#ApplyHere: https://grit-solutions.key.work/jobs/opportunity/436