Purple Team Security Engineer (SIEM & Detection)

Inetum is a European leader in digital services. Inetum’s team of 28,000 consultants and specialists strive every day to make a digital impact for businesses, public sector entities and society. Inetum’s solutions aim at contributing to its clients’ performance and innovation as well as the common good.  

Present in 19 countries with a dense network of sites, Inetum partners with major software publishers to meet the challenges of digital transformation with proximity and flexibility.  

Driven by its ambition for growth and scale, Inetum generated sales of 2.5 billion euros in 2023.  

We are looking for a Purple Team Security Engineer (SIEM & Detection) to join a Cybersecurity Operations team, with a strong focus on the development, evolution and optimization of the SIEM, continuously enhancing detection, analysis and incident response capabilities through the collaboration between offensive and defensive security approaches.

Main Responsibilities

• Develop, configure and continuously improve the SIEM (IBM QRadar) by creating and tuning rules, correlations and use cases for effective security incident detection.
• Perform Ethical Hacking activities within a Red Team context, leveraging the results to improve detection and response mechanisms (Blue Team).
• Analyze, investigate and implement new security technologies and controls, ensuring the protection and monitoring of clients’ critical assets.
• Identify and mitigate gaps in the security architecture, promoting continuous improvement of the overall security posture.
• Provide Level 2 support to the SOC, assisting with security incident analysis, correlation and handling.
• Support client projects from a security consulting perspective, contributing to the definition of security requirements for implemented solutions.
• Collaborate closely with technical teams, SOC and stakeholders, ensuring accessibility, operational effectiveness and alignment with security best practices.

• Proven experience of more than 2 years in a similar role.
• Experience with SIEM solutions, preferably IBM QRadar (or equivalent platforms).
• Experience with Endpoint Detection & Response (EDR) tools, such as CrowdStrike (or similar).
• Knowledge of Cloud Computing and related security challenges.
• Familiarity with detection, response and threat modeling concepts.
• Experience with IP Networks, advanced architectures and integration infrastructures.
• Skills in PowerShell and Shell Scripting for automation and analysis.
• Administration and troubleshooting experience in Linux and Microsoft Windows Server environments.

Valued Technical Skills:

• Offensive security and pentesting tools such as Kali Linux and Burp Suite.
• Knowledge of Kubernetes and containerized environments.

Soft Skills:

• High level of autonomy and ability to manage priorities in complex environments.
• Strong analytical skills, critical thinking and problem‑solving orientation.
• Ability to communicate technical concepts clearly and in a structured manner.
• Strong team spirit and ability to collaborate in multidisciplinary environments.
• High sense of responsibility, attention to detail and strong commitment to the continuous improvement of security.

• Workplace type: Hybrid (max. of 3 times per week in the office).
• Location: Picoas, Lisboa.