Senior Security Operations Engineer
Taguig City, Ncr-Fourth District
• Configuring, managing, and monitoring firewalls, IDS/IPS, and anti-malware across Azure and hybrid networks to keep controls tuned against emerging threats
• Coordinating and supporting vulnerability assessments using Nessus, Qualys, and Azure Security Center, then driving remediation directly with asset owners
• Orchestrating incident response from triage through containment, forensics, and post-mortems, using Microsoft Sentinel, Defender XDR, and SOAR playbooks
• Operationalizing threat intelligence -- consuming CTI feeds, managing IOCs, and translating threat actor activity into detection rules and response playbooks
• Owning Cloud Security Posture Management (CSPM) across Azure environments using Defender for Cloud, identifying misconfigurations, and enforcing security baselines
• Supporting security policy development and SOP documentation aligned to NIST frameworks, contributing to audit readiness where required
• Performing forensic investigations across Azure and AWS environments, collecting and preserving evidence suitable for legal or compliance proceedings
• Automating routine security tasks with PowerShell, Azure Automation, and REST APIs to shorten detection and response cycles
• Mentoring junior analysts and serving as technical lead on cross-functional security projects
Qualifications
Must Have
• Availability to work on nightshift schedules (flexible)
• 8+ years in security operations or cybersecurity engineering with a heavy focus on Azure security solutions
• Hands-on mastery of the Microsoft security stack: Azure AD, Microsoft Sentinel, Defender for Endpoint/Identity/Cloud Apps, Intune, and Windows Server hardening
• Proven experience authoring and operationalizing SIEM use cases and SOAR playbooks, building and tuning them
• Familiarity with vulnerability scanning tools such as Nessus or Qualys, with experience driving remediation workflows with asset owners
• Strong background with EDR, firewalls, IDS/IPS, vulnerability scanners, and encryption protocols
• Proficiency in PowerShell scripting; working knowledge of AWS security services including GuardDuty, Security Hub, and IAM
• Experience with threat intelligence platforms and operationalizing CTI feeds into detection and response workflows
Strong Advantage
• Certifications such as CISSP, CISM, CCSP, AZ-500, MS-500, or ISO 27001 Lead Implementer/Auditor
• Experience guiding organizations through ISO 27001 and/or SOC 2 readiness and audits
• Experience with PCI-DSS, GDPR, or HIPAA compliance frameworks
• Background in DevSecOps pipelines and infrastructure-as-code security scanning
• Solid background in Cloud Security Posture Management (CSPM), ideally via Defender for Cloud or a comparable platform
• Experience conducting forensic investigations across Azure or AWS environments, including evidence collection for legal or compliance proceedings
Nice to Have
• Python or Bash scripting alongside PowerShell
• Exposure to fraud-detection tooling and eCommerce security analytics
• Working knowledge of ITIL practices and secure SDLC principles
Must Have
Must Have
• Availability to work on nightshift schedules (flexible)
• 8+ years in security operations or cybersecurity engineering with a heavy focus on Azure security solutions
• Hands-on mastery of the Microsoft security stack: Azure AD, Microsoft Sentinel, Defender for Endpoint/Identity/Cloud Apps, Intune, and Windows Server hardening
• Proven experience authoring and operationalizing SIEM use cases and SOAR playbooks, building and tuning them
• Familiarity with vulnerability scanning tools such as Nessus or Qualys, with experience driving remediation workflows with asset owners
• Strong background with EDR, firewalls, IDS/IPS, vulnerability scanners, and encryption protocols
• Proficiency in PowerShell scripting; working knowledge of AWS security services including GuardDuty, Security Hub, and IAM
• Experience with threat intelligence platforms and operationalizing CTI feeds into detection and response workflows
Strong Advantage
• Certifications such as CISSP, CISM, CCSP, AZ-500, MS-500, or ISO 27001 Lead Implementer/Auditor
• Experience guiding organizations through ISO 27001 and/or SOC 2 readiness and audits
• Experience with PCI-DSS, GDPR, or HIPAA compliance frameworks
• Background in DevSecOps pipelines and infrastructure-as-code security scanning
• Solid background in Cloud Security Posture Management (CSPM), ideally via Defender for Cloud or a comparable platform
• Experience conducting forensic investigations across Azure or AWS environments, including evidence collection for legal or compliance proceedings