Galp is an energy company committed to develop efficient and sustainable solutions in its operations and in the integrated offers provided to its clients. We create simple, flexible and competitive solutions for the energy and mobility needs of both industrial and individual consumers. Our portfolio includes multiple types of energy - from renewable electricity to natural gas and liquid fuels.

We contribute to the economic development of the 10 contries in which we operate and to the social progress of our host communities. We are, therefore, leaders in our sector in the main sustainability indexes worldwide. We are 4 geographies, 49 nationalities and more than 6.000 experiences waiting to be shared.  

We are looking for people with strength, passion, determination and vision to be part of our growth. Will you accept the challenge?

Let´s Regenerate the Future Together!

Cyber Defense Professional

Mission:

The Cyber Defense Professional will be part of the Cyber Security Defense team. S/he will be the SOC Team focal point and will contribute to its ongoing development, as well as coordinate the MSSP provider. S/he will also closely work with Galp’s CSIRT (Cyber Security Incident Response Team) in responding to Cybersecurity Incidents targeting Galp. This person will play a crucial role and has to be versatile, willing to learn continuously, and be able to think outside of the box in order to operate effectively in an ever-changing threat landscape.

What you’ll do:

• Lead the development of monitoring use cases in Galp’s SIEM solution;
• Contribute to the creation of incident management playbooks;
• Coordinate the service provided by our MSSP, assuring its quality and that it complies with defined SLAs;
• Participate in the incident management process, collaborating with the CSIRT with offense investigation;
• Define requirements for security monitoring, and apply them to ensure adequate visibility from a security standpoint;
• Actively participate in the continuous improvement of the area’s processes, developing and reviewing documentation and procedures;
• Automate Cybersecurity processes;
• Work with the Cyber Security Architecture team to help improve the Cyber Security Requirements and to elaborate implementation scenarios;
• Support the development of the Cybersecurity tools and capabilities roadmap, actively participating in its definition;
• Participate in the procurement process for tools and services related to Cybersecurity, including creating RFI/RFP;
• Ability to work as part of a team – “If you want to go fast, go alone. If you want to go far, go together.”

What you’ll need:

• Degree in Computer Engineering (or similar).
• Minimum four years’ experience in Cybersecurity functions, preferably with experience in a Security Operations Center, protection and monitoring solutions, incident management, vulnerability analysis, or other cybersecurity activities.
• Good overall knowledge of cybersecurity and information systems, including architecture, networking, cloud environments and hybrid architectures;
• Advanced knowledge of security technologies;
• Knowledge of general incident management principles, security assessment processes, and metrics collection and reporting;
• Industry recognized certifications (such as CEH, CHFI, CSA, GSEC, GCED, etc.) or training in cybersecurity and related fields;
• Previous experience in Cybersecurity functions in large scale corporate environments, with multiple Business Units and geographies;
• Experience with SIEM tools is mandatory;
• Experience in OT security and Soar solutions are a strong plus;
• Fluent in Portuguese and English, Spanish is a Plus

Diversity Commitment

At Galp, we promote equality of opportunity and treatment of people regardless of gender, age, religion or belief, different capabilities, sexual orientation, political ideology, race or ethnicity. We believe that diversity creates value and strengthens the Group´s relationships and culture.