Information Security Engineer – SIEM Specialist

Full Time
  • Full Time
  • Porto
  • 2021-04-10 2021-05-03
  • Informática
  • Licenciatura
Avatar Ryanair
Ver Empresa


Ryanair Holdings plc, Europe’s largest airline group, is the parent company of Buzz, Lauda, Malta Air & Ryanair DAC. Carrying over 154 m guests p.a. on more than 2,400 daily flights from 82 bases, the group connects over 200 destinations in 40 countries on a fleet of over 475 aircraft, with a further 210 Boeing 737’s on order, which will enable the Ryanair Group to lower fares and grow traffic to 200m p.a. by FY24. Ryanair has a team of over 19,000 highly skilled aviation professionals delivering Europe’s No.1 on-time performance, and an industry leading 34-year safety record. Ryanair is Europe’s greenest cleanest airline group and customers switching to fly Ryanair can reduce their CO₂ emissions by up to 50% compared to the other Big 4 EU major airlines.

Ryanair Labs is a state of-the-art digital & IT innovation hub based in Madrid, Dublin, Wroclaw and Portugal, creating Europe’s Leading Travel Experience for customers. As a result of our continued expansion, we are opening a new office in the heart of Madrid City Centre and we want to hear from the best IT professionals Madrid has to offer to join our Ryanair Labs.

The Role

We are currently expanding our IT Security team and hiring for an AWS Information Security Engineer. Based out of Lisbon/Porto, this position will be 100% working from home for any location in Portugal.

All CVs must be submitted through English.


Act as a subject matter expert on logs collection and analysis, on hybrid environments (cloud and on-premise).
Improve detection mechanisms by implementing techniques to hunt for threats in our environment based on threat intelligence reports and knowledge of TTPs.
Assist on investigations on potential incidents.
Leverage threat intelligence, keeping an up-to-date overview of the current threat landscape.
Write clear and concise documentation at both technical and executive level, that can be used to improve the overall security posture.
Assist on security recommendations for improving different architectures.
This role is well-fitted for a seasoned blue team member with hands-on experience on log collection and incident response, who is willing to take the next step to be the central point of contact to improve the security tools of the company and to help on punctual investigations that may arise.


Three years as SOC Level 3 or Threat Hunter work experience preferred. Having experience on both on-premise and cloud infrastructures (AWS, Azure).
Good programming skills to develop scripts, API connectors and automations to support current existing deployments.
Strong analytical skills. Used to think flexibly and determine alternatives to problems that could raise during an incident.
Experience with different large datasets analysis, SIEM and endpoint security tools (i.e. ELK, Graylog, Splunk, Symantec, FireEye, AlienVault).
Able to identify what logs are necessary to examine for each kind of research.
Incident handling capabilities, being able to analyse malware, extracting IOCs and creating signatures for IDS.
Result oriented person


Flight Benefits

Você tem que entrar na sua conta para poder candidatar-se a esta oferta.