Porto Remote (Global) Employment

Sword Health is hiring a Security Operations Lead (SecOps)

Responsibilities

  • Define the long-term vision and technical roadmap for the Security Operations Center, including its operating model, detection infrastructure, SIEM architecture, and incident response capabilities.
  • Lead the integration of artificial intelligence and automation into security workflows by developing SOAR playbooks, implementing LLM-assisted triage systems, and deploying machine learning models to improve detection speed and reduce response times.
  • Provide technical leadership to the SOC/CSIRT team, including mentoring engineers, improving investigation quality, managing on-call rotations, and leading incident command during critical events.
  • Manage the full lifecycle of the SIEM platform, including data ingestion, schema normalization, retention policies, cost optimization, and detection rule tuning, ensuring alignment with MITRE ATT&CK and organizational threats.
  • Direct end-to-end response for high-impact security incidents, from initial detection through containment, eradication, recovery, and post-mortem analysis, coordinating with engineering, IT, legal, and executive teams.
  • Operate proactive threat intelligence and hunting programs that translate emerging adversary tactics into improved detection logic, system hardening, and strategic risk guidance.
  • Measure and report on key SOC performance indicators such as mean time to detect, mean time to respond, detection coverage, automation levels, false positive rates, and team sustainability.
  • Collaborate with architecture and engineering teams to embed detection, response, and recovery capabilities into new systems and platforms from initial design.
  • Develop, maintain, and refine incident response procedures, runbooks, and simulation exercises to ensure organizational preparedness and resilience.

Work Arrangement

Remote (Worldwide)

Other

AI fluency is a core expectation at Sword Health. Every candidate is assessed against a three-level framework: Explorer (Level 1) — Uses AI daily to boost personal productivity; Builder (Level 2) — Creates workflows and tools that elevate the whole team; Integrator (Level 3) — Embeds AI into products and processes at scale. Every hire must demonstrate at least Level 1.

About company
Sword Health
Sword Health builds an AI Care platform that delivers world-class healthcare through AI, starting with pain care and expanding into women’s health, movement health, and mental health. The platform enables healthcare organizations to reduce costs while improving accessibility and quality of care.
Job Details
Department: Technology & AI – Information Security
Category: security
Posted a month ago