Information Security Engineer
Lisbon, Portugal
4 days ago


Ryanair Holdings plc, Europe’s largest airline group, is the parent company of Buzz, Lauda, Malta Air & Ryanair DAC. Carrying over 154m guests p.a. on more than 2,400 daily flights from 82 bases, the group connects over 200 destinations in 40 countries on a fleet of over 475 aircraft, with a further 210 Boeing 737s on order, which will enable the Ryanair Group to lower fares and grow traffic to 200m p.a. by FY24. Ryanair has a team of over 19,000 highly skilled aviation professionals delivering Europe’s No.1 on-time performance, and an industry leading 34-year safety record.

Ryanair is Europe’s greenest, cleanest airline group and customers switching to fly Ryanair can reduce their CO₂ emissions by up to 50% compared to the other Big 4 EU major airlines.

Ryanair Labs is a state-of-the-art digital & IT innovation hub based in Madrid, Dublin and Wroclaw, creating Europe’s Leading Travel Experience for customers.

As a result of our continued expansion, we are opening a fully remote office in Portugal. We want to hear from the best IT professionals Portugal has to offer to join our Ryanair Labs.

The Role

We are looking for a Threat Hunter who will be involved in the Threat Hunting process in our security service delivery.

As a threat hunter you will take part in technical research into potential security compromises, analyse known and unknown threats, and identify and review potential security incidents.

Strong technical skills as well as a good understanding of cybersecurity topics and solutions are required.

Based out of Lisbon / Porto, this position will be 100% working from home from any location in Portugal.

Please submit your CV in English


  • Identify threats for Ryanair through the threat hunting process. Actively hunt for Indicators of Compromise (IOC) and APT Tactics, Techniques, and Procedures (TTP) in the network and on the host as necessary.
  • Operate and improve detection mechanisms by implementing techniques to hunt for threats in our environment based on threat intelligence reports and knowledge of TTPs.
  • Assist initial investigations on potential incidents.
  • Leverage threat intelligence, keeping an up-to-date overview of the current threat landscape.
  • Write clear and concise Incident Reports and incident handling documentation that can be used to improve the overall security posture.

Requirements

  • Bachelor’s degree in IT or comparable work experience.
  • Four years of work experience as a Threat Hunter preferred.
  • Experience with both on-premise and cloud infrastructures (AWS, Azure).
  • Strong analytical skills. Used to thinking flexibly and determining alternatives to problems that could arise during an incident.
  • Experience with analysis of different large datasets, security monitoring and endpoint security tools (e.g. ELK, Graylog, Splunk, Symantec, FireEye, AlienVault).
  • Able to identify which logs need to be examined for each kind of research.
  • Ability to analyze malware, extracting IOCs and creating signatures for IDS.
  • Ability to create ad-hoc scripts for supporting the threat hunting activity (e.g. Python, Go, PowerShell) as well as a good understanding of regular expressions used to parse the data.
  • Forensic certifications are a plus.
  • Experience with red team activities is a plus.