Security & Risk Professional

EDP is a global energy company that leads based on the values of Innovation, Sustainability and Humanization. Using the technology of the future we create solutions highly focused on the needs of our people and our customers, never neglecting our role and contribution to society. 

The Digital Global Unit (DGU) is an area of EDP SA and its mission is to challenge the organization to think differently and go beyond, in a context of increasingly frequent and faster technological, economic and social changes, creating and disseminating a digital friendly culture, favorable to the development and experimentation of new solutions that create value for the various stakeholders of the EDP Group. To support us in this role, we intend to recruit for the Infrastructure Management department.

Main responsibilities:

We are hiring for a Security Analyst profile for the Offensive Security team that was part of the Security Ops department. This profile will be part of the EDP Group's Cyber Threat Intelligence team.

• Developing profiles of actors, threats, groups and methods of attack, including motivations and capabilities that can impact management decision-making in security operations;
• Collaborate with internal teams to provide actionable intelligence that informs the creation and adjustment of security policies, mitigation measures and alerts for incident identification;
• Contribute to building and maintaining a threat intelligence repository, including indicators of compromise (IOCs), attack techniques, data leaks and other relevant information;
• Analyzing and correlating occurrences in systems that may be relevant from the point of view of data security and privacy;
• Supporting the implementation, monitoring and identification of cases of potential information leaks;
• Experience in identifying and assessing new threats, potential attacks, trends in vulnerabilities being exploited and data leaks;
• Developing and maintaining threat intelligence management standards and procedures;
• Proven experience in cyber threat intelligence analysis, ability to effectively use CTI platforms and tools, such as TIPs.

Looking for people with the following requirements:

• Bachelor's Degree or Master's in Computer Engineering, Computer Security or similar;
• Minimum 3 years' experience in similar functions;
• Experience in:
  • Collecting, analyzing and interpreting relevant data originating from a variety of sources, including intelligence feeds, social networks, dark web forums and other open sources;
  • Capture-the-flag events (CTFs), bug or vulnerability searches (CVEs) is valued.
• Experience and knowledge of OSINT tools and techniques;
• Experience with threat analysis tools, such as intelligence feeds, malware analysis, sandboxes, honeypots, etc;
• Knowledge of:
  • Tactics, techniques and procedures (TTPs) used by malicious groups, cyber threat intelligence (CTI) information sharing standards such as STIX/TAXII, as well as the MITRE ATT&CK(R) and MITRE D3FEND(R) methodology;
  • Programming and scripting to automate tasks (e.g. Python) is valued;
  • Information Security Management Systems (ISO/IEC 27001);
  • General Data Protection Regulation (GDPR);
  • Cloud Security (Advanced).
• Cybersecurity certifications are valued;
• Strong critical and analytical skills;
• Planning and organizational skills.

Joining EDP is to have access to:

• A professional experience in a leading international company in its sector, with flexible working arrangements and hours and an Indefinite Contract;
• Recognition through remuneration compatible with the position and other additional benefits;
• Opportunities for personal and professional development (transversal projects, mobility, volunteering, etc.).

About EDP:
As a socially responsible company, we incorporate our values and practices with the principles of Diversity and Inclusion. To achieve all our objectives, it intends to attract, develop and retain different profiles, assuming diversity as a key factor and differentiator of fundamental innovation in our organization. We welcome and value all people, and we are committed to the inclusion and sense of belonging of each person who is part of the EDP Group.

What makes us proud as an employer:
• TOP Employer Certification by TOP Employers Institute (EDP Portugal; EDP Renewables);
• Gender Equality Index by Bloomberg (EDP Portugal; EDP Renewables);
• Certification in Conciliation (Excellence) by Fundación Másfamília.

If you consider you have profile for this opportunity, apply until 26/09/2023.