We are looking for an experienced DevSecOps to join our team.

What you'll do:

- Manage the ingestion and integration of new data sources into the SIEM platform, ensuring accurate data processing and correlation.
- Enhance SIEM performance, scalability, and automation to improve security event detection and response.
- Maintain comprehensive documentation of SIEM configurations, onboarding workflows, and incident response procedures.
- Collaborate with DevSecOps, Security Operations, and Architecture teams to deploy and integrate security technologies effectively.
- Monitor emerging cyber threats, vulnerabilities, and security trends to refine security operations.
- Ensure compliance with security standards and frameworks such as NIST, ISO 27001, and GDPR.
- Develop and implement an efficient security monitoring framework to proactively detect and mitigate risks.
- Oversee the integration of security platforms into the Elastic Stack ecosystem, following industry best practices.
- Evaluate and introduce new DevSecOps strategies and security technologies to improve security resilience.
- Work closely with Security Architecture and Engineering teams to develop and refine automated security tools.
- Foster collaboration with SOC teams and other Cybersecurity functions to maintain a robust security posture.

What you will need to bring:

- Hands-on expertise in SIEM platforms such as Splunk, Elastic Stack, and Azure Sentinel.
- Proficiency in Logstash Parsing, Grok, and Regular Expressions (Regex).
- Strong knowledge of Azure Log Analytics and log management methodologies.
- Experience with DevSecOps principles and integrating security into CI/CD pipelines.
- Solid understanding of security monitoring, threat intelligence, and incident response techniques.
- Practical experience with Cribl Edge/Stream for log management and data transformation.
- Expertise in integrating security solutions within Elastic Stack.
- Familiarity with compliance standards (e.g., NIST, ISO 27001, GDPR).
- Ability to operate within a SOC environment, supporting security event triage and investigations.
- Strong analytical and troubleshooting skills, with an emphasis on security workflow automation.
- Excellent communication and collaboration skills to work effectively across teams.

What can Syone offer me:

- Integration in an organization with profound and sustained growth and involvement in pioneering projects with innovative technological solutions.
- Strong IT training plans.
- Professional evolution with intervention in ambitious technological projects, both nationally and internationally.

By applying, you accept our GDPR policies. Your personal data in your CV and documents will be used solely for processing your application at SYONE. SYONE, S.A. (NIPC 504729624) is the data controller, located at Rua Alfredo da Silva, 8-A, Edifício Stern, Piso 3D, 2610-016 Amadora. We will use your data to tailor your application to relevant vacancies and for potential employment contracts. If selected, your data will be kept during your employment and for at least two years after. If not selected, your data will be kept for two years for future vacancies and then deleted, except for your contact details. You can exercise your rights (access, rectification, erasure, etc.) by emailing Your data may be shared with our HR service providers and will be stored securely. You can withdraw your consent at any time. We will not use your data for other purposes without your express consent. For more information, email