Job Closed
This listing is no longer active.
Intelligence Applied
Senior Information Security Engineer
Location
Portugal
Posted
5 days ago
Salary
0
Seniority
Senior
Job Description
Senior Information Security Engineer
Intapp
• Own the end-to-end vulnerability management lifecycle across Azure and AWS environments, including triage, prioritisation, and tracking through to remediation. • Build and maintain Threat & Vulnerability Management (TVM) dashboards and Azure Data Explorer queries to surface real-time risk posture, remediation trends, and SLA adherence. • Produce and maintain Monthly Security KPI Dashboards covering Microsoft Secure Scores, tooling coverage metrics, and vulnerability remediation performance across all cloud environments. • Partner with Cloud Engineering and SRE teams to drive remediation of critical and high-severity findings within defined SLAs, escalating blockers and tracking progress to closure. • Manage and operationalise External Attack Surface Management (EASM) tooling (e.g. BlackKite) to continuously assess and monitor Intapp’s external threat exposure and digital footprint. • Translate external posture findings into prioritised remediation actions and track outcomes rigorously through to closure, reporting status to security leadership. • Monitor and report on third-party and supply chain risk signals surfaced through external posture tooling, contributing to broader vendor risk management processes. • Design, implement, and maintain policy-based security controls for Kubernetes workloads across Azure (AKS) and AWS (EKS) environments. • Collaborate with DevOps and SRE teams to embed Kubernetes security controls into deployment pipelines and operational runbooks. • Develop and maintain Microsoft Sentinel data connectors and platform integrations to ensure comprehensive security telemetry coverage across Azure and AWS.
Job Requirements
- 8+ years in Information Security, Cybersecurity, or related IT disciplines.
- Proven experience owning vulnerability management programmes, including TVM platforms (e.g. Microsoft Defender TVM, Qualys, Tenable, or similar).
- Strong Microsoft Azure security experience; AWS experience beneficial.
- Any hands-on experience with Kubernetes security controls (AKS and/or EKS); working knowledge of policy enforcement engines such as Kyverno or OPA/Gatekeeper is a definite plus.
- Microsoft Sentinel experience, including data connectors, analytics rules, workbooks, and KQL query development.
- Experience building security metrics, dashboards, and KPI reports — including Azure Data Explorer and/or Power BI.
- Familiarity with any External Attack Surface Management (EASM) tooling (e.g. BlackKite, Security Scorecard, or equivalent).
- Proficiency with scripting and automation languages (PowerShell, Azure CLI, Python, or equivalent).
- Managed and automated system security policies, patching and/or monitoring of cloud systems based on security best practices (IaaS, PaaS, SaaS).
- Ideally has designed, developed, implemented and/or monitored Identity and Access Management controls.
- Strong understanding of common security frameworks and standards: NIST, CIS, ISO 27001, OWASP.
- Ability to work effectively with a broad cross-section of technical and non-technical stakeholders to explain, prioritise, and enforce security measures.
Benefits
- A state-of-the-art facility with a fully stocked kitchen – only a 2-minute walk to/from Gare do Oriente.
- A hybrid work system supporting agile and flexible hours.
- Attractive compensation – including competitive base pay and performance-based variable pay.
- Equity/Stock in Intapp.
- Opportunity to travel to other development centers for product training and cross-site collaboration.
- One-time home office stipend.
- Generous paid parental leave (including adoptive leave), marriage leave, bereavement leave, carer's leave, and paid sick days.
- Meal allowance.
- Reimbursement for training towards continuing education.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Define, govern, and evolve cybersecurity architecture models and standards, aligning global frameworks (NIST, ISO 27001, CIS, COBIT) with the specific needs of operations; • Lead security architecture projects and initiatives for multi-cloud, on-premises, network, application, industrial IoT/IIoT, data, and mobility environments; • Design solutions for threat prevention, detection, containment, and remediation, integrating SIEM, SOAR, EDR, IAM systems, and advanced encryption; • Contribute to defining identity and access policies and controls (IAM, SSO, MFA), network segmentation, endpoint protection, vulnerability management, and governance; • Promote integration between physical security, IT, OT (Operational Technology), and operations teams to create resilient, secure environments; • Develop and validate business continuity, cyber disaster recovery, and incident response strategies; • Evaluate and implement innovative security solutions (Zero Trust, Cloud Security Posture Management, Threat Intelligence, security automation and orchestration); • Ensure compliance with data protection laws and regulations in the countries where the company operates (LGPD, GDPR, PIPEDA); • Produce and maintain technical documentation, security plans, best-practice guides, and training for internal teams; • Participate in technical communities, forums, audits, and global compliance assessments; • Other routine duties of the area.
• Implement and maintain robust security controls to protect our cloud infrastructure and applications. • Discover, remediate, and validate security issues across cloud infrastructure. • Perform architectural/design reviews through a security lens and provide timely, actionable requirements and recommendations. • Collaborate with security leadership, compliance, and engineering teams to execute security strategies. • Build, deploy, and manage security tools such as WAF, IDS/IPS, workload protection, GCP Command Center, and Azure Security Center, etc. • Propose and contribute to security and compliance improvements for nesto CI/CD pipelines and deployment processes. • Automate infrastructure provisioning and deployment processes using Infrastructure as Code (IaC) tools like Terraform or Pulumi. • Design and operate scalable processes to provision cloud access and maintain least privilege. • Participate in and support the incident detection and response process by enhancing observability and alerting and assisting the incident response team. • Self-organize and prioritize activities independently. • Support audits and first-party security questionnaires. • Conduct and oversee security assessments and threat modeling exercises. • Implement security controls within Kubernetes. • Build DevSecOps tools/integrations.
• Implement and maintain robust security controls to protect our cloud infrastructure and applications. • Discover, remediate, and validate security issues across the cloud infrastructure. • Conduct security-focused architecture and design reviews and provide timely, actionable requirements and recommendations. • Collaborate with security leadership, compliance teams, and engineering teams to execute security strategies. • Build, deploy, and manage security tools such as WAF, IDS/IPS, workload protection, GCP Security Command Center, Azure Security Center, etc. • Propose and contribute to security and compliance improvements for nesto's CI/CD pipelines and deployment processes. • Automate infrastructure provisioning and deployment processes using Infrastructure as Code (IaC) tools such as Terraform or Pulumi. • Design and operate scalable processes to provision cloud access and maintain the principle of least privilege. • Participate in and support the detection and incident response process by improving observability and alerts, and assisting the incident response team. • Self-organize and prioritize activities autonomously. • Support first‑party security audits and security questionnaires. • Conduct and oversee security assessments and threat modeling exercises. • Implement security controls within Kubernetes. • Build DevSecOps tools and integrations.
Role Description Als Information Security Consultant (m/w/d) begleitest Du unsere Kunden partnerschaftlich und serviceorientiert beim Aufbau, Betrieb und der Weiterentwicklung moderner ISMS-Strukturen. In enger Zusammenarbeit mit Kunden analysierst du Geschäftsmodelle und technische Gegebenheiten und entwickelst darauf aufbauend praxistaugliche, auditfähige Lösungen. Kundenkontakt ist zentraler Bestandteil der Rolle - Austausch, Beratung und gemeinsame Lösungsfindung machen Dir idealerweise Spaß. - Enge Zusammenarbeit mit Kunden bei Planung, Umsetzung und Betrieb von ISMS- und Compliance-Strukturen - Durchführung von Gap-Analysen, Ableitung und Priorisierung von Maßnahmen - Erstellung und Abstimmung von Policies, Prozessen, Rollenmodellen, SoA und Nachweisen - Vorbereitung und Begleitung von internen und externen Audits - Übersetzung regulatorischer Anforderungen in praxisnahe Betriebsmodelle - Regelmäßiger Austausch mit technischen, organisatorischen und Management-Stakeholdern Qualifications - Erfahrung in Informationssicherheit, ISMS, GRC, IT-Projekten oder Prozessmanagement - Freude an kundenorientierter Beratung und gemeinsamer Lösungsentwicklung - Fähigkeit, komplexe Security-Themen klar und verständlich zu vermitteln - Erfahrung mit ISO/IEC 27001 (oder hohe Motivation, hier schnell einzusteigen) - Kenntnisse in SOC 2, C5, NIS2 oder DSGVO von Vorteil - Tool-Affinität (z. B. Jira, Confluence, Microsoft 365/SharePoint) - Sehr gute Deutsch- und Englischkenntnisse Benefits - 100 % Remote-Arbeit (Deutschland) - Optionale 4-Tage-Woche - Hoher Kundenkontakt und sichtbarer Impact - Professionelle, offene Kultur mit starkem Fokus auf Service & Zusammenarbeit - Langfristige Entwicklungsperspektiven - Projekte im Umfeld Cloud, AI und Data Center Company Description Heartland Solutions ist eine spezialisierte Beratung für Informationssicherheit, Compliance und Managementsysteme. Wir arbeiten mit technologiegetriebenen Unternehmen aus Cloud, AI und Data Center. Unser Anspruch: Sicherheit entsteht im Dialog mit dem Kunden - und zeigt ihren Wert in funktionierender Umsetzung.
