Security Engineering Lead

THE ROLE

As the regional lead for our Detection, Analysis, and Response Team (DART) in Portugal, you will serve as the "special forces" commander for our security organization. You will lead a high-caliber team of incident responders, maintaining a calm and collected demeanor during high-pressure situations while thinking critically as both an attacker and a defender.

This position is uniquely based at the Farfetch office in Porto, where you will split your leadership and technical expertise between Coupang Corp and Farfetch. You are responsible for overseeing the detection and neutralization of credible threats, developing advanced detective capabilities, and fostering a culture of relentless problem-solving within the regional unit.

WHAT YOU'LL DO

• Act as the functional lead for the Porto DART unit, managing local team members and overseeing the day-to-day security response operations for the region.
• Manage security response workflows and collaboration across both Coupang and Farfetch environments.
• Lead and coordinate responses to complex security anomalies, intrusion attempts, and breaches; oversee root-cause analysis and comprehensive executive reporting.
• Drive advanced threat-hunting initiatives across cloud, endpoint, and network environments to identify undetected threats.
• Serve as the final escalation point for the SOC and provide expert guidance and technical mentorship to Senior engineers and analysts.
• Continuously improve and standardize incident response policies, automated playbooks, and SOC operational processes.
• Partner with global engineering and business leaders through clear, technical, and executive-level communication to neutralize threats and mitigate vulnerabilities.
• Participate in and oversee the on-call rotation to ensure 24/7 response readiness for urgent security events.

WHO YOU ARE

• You have ~10 years experience in Information Security, with at least 7+ years specifically dedicated to Cyber Security Incident Response (CSIRT) or Digital Forensics.
• Experienced in a lead or managerial role, preferably within a global or regional office structure.
• A professional with advanced hands-on experience analyzing and securing events within AWS, Azure or other major Cloud environments.
• An expert in host-based investigations (Windows/Linux) and analyzing logs from EDR, HIPS, DLP, and SaaS solutions.
• You demonstrate mastery of querying SIEM solutions and analyzing high-volume "big data" logs to identify sophisticated patterns of compromise.
• Able to lead the automation of response workflows using Python, Bash, or PowerShell.
• Knowledgeable of mitigating web-based security events using CDN solutions like Akamai or Cloudflare.
• Graduate in Computer Science, Cybersecurity, or equivalent practical experience.
• Advanced industry credentials such as GCIH, GCFA, GNFA, CISSP, or OSCP.
• Deep understanding of container security (Kubernetes, Docker) and network forensics (packet analysis).
• Experience operating SIEM platforms and developing custom detection use cases.
• Fluency in English is required; proficiency in Portuguese or Korean is a plus for regional and headquarters coordination.