Uphold

Senior Enterprise Resilience Analyst

Uphold

full-time

Posted on:

Location Type: Hybrid

Location: Braga • 🇵🇹 Portugal

Visit company website
AI Apply
Apply

Job Level

Senior

Tech Stack

AWSAzureCloudCyber SecurityGoogle Cloud Platform

About the role

  • Incident Response & Management: Assist in managing cybersecurity and operational incidents from detection to resolution. Coordinate with internal stakeholders to contain, mitigate, and recover from incidents. Document and refine incident response playbooks, ensuring alignment with industry frameworks (NIST 800-61, etc.)
  • Operational Resiliency & Business Continuity: Support business continuity (BC) and disaster recovery (DR) exercises, ensuring alignment with incident response processes. Contribute to the development and execution of resilience testing (e.g., tabletop exercises, crisis simulations). Maintain incident and resilience program documentation, including response plans and post-incident reports. Work with third parties to assess their incident response and business continuity capabilities.
  • Threat & Risk Assessment: Collaborate with risk and compliance teams to evaluate enterprise risks and recommend mitigation strategies. Perform root cause analysis and post-incident reviews (PIRs) to drive continuous improvement. Analyze incident data to identify trends and provide insights on security and operational vulnerabilities.
  • Cross-Functional Collaboration & Continuous Improvement: Assist in the development of incident and resilience KPIs/metrics to measure program effectiveness. Provide training and awareness sessions for employees on incident response and resiliency best practices. Work with IT, Security, Legal, and Business Units to ensure alignment on regulatory and compliance requirements (ISO 27001, DORA, FFIEC, etc.)

Requirements

  • Bachelor’s degree in Cybersecurity, Information Security, Risk Management, or a related field (or equivalent experience)
  • 5-7 years of relevant experience in incident response, security operations, or business continuity management
  • Overall experience 8+ years
  • Hands-on experience with security monitoring tools (SIEM, EDR, IDS/IPS) and incident handling
  • Familiarity with incident response frameworks (NIST 800-61, SANS PICERL, MITRE ATTACK, etc.)
  • Knowledge of business continuity (BC), disaster recovery (DR), and crisis management principles
  • Ability to document, analyze, and communicate incident response and resilience strategies effectively
  • Strong problem-solving skills and ability to work under pressure during incidents
  • Fluent written and oral English skills
  • Travel to business events and meetings as needed
  • Bonus if you have Certifications such as CISSP, GCIH, CBCP, CISM, or CRISC
  • Experience working with cloud security incidents (AWS, Azure, GCP)
  • Knowledge of compliance requirements (ISO 27001, DORA, FFIEC, etc.)
  • Hands-on experience with cyber threat intelligence (CTI) and threat hunting
  • Experience conducting tabletop exercises and red/blue team simulations
Benefits
  • An amazing work environment
  • Growth and career opportunities
  • Flexible and enthusiastic work environment that offers snacks, a lot of coffee, and other great benefits
  • Interesting events that keep you connected with the team and celebrate our success

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
incident responsesecurity operationsbusiness continuity managementsecurity monitoring toolsincident handlingcyber threat intelligencethreat huntingroot cause analysisresilience testingcrisis management
Soft skills
problem-solvingcommunicationcollaborationtraininganalytical skillsability to work under pressurecontinuous improvementdocumentation skillsorganizational skillsinterpersonal skills
Certifications
CISSPGCIHCBCPCISMCRISC