Skip to Content

Senior Security Operations Engineer

Taguig City, Ncr-Fourth District

Configuring, managing, and monitoring firewalls, IDS/IPS, and anti-malware across Azure and hybrid networks to keep controls tuned against emerging threats

Coordinating and supporting vulnerability assessments using Nessus, Qualys, and Azure Security Center, then driving remediation directly with asset owners

Orchestrating incident response from triage through containment, forensics, and post-mortems, using Microsoft Sentinel, Defender XDR, and SOAR playbooks

Operationalizing threat intelligence -- consuming CTI feeds, managing IOCs, and translating threat actor activity into detection rules and response playbooks

Owning Cloud Security Posture Management (CSPM) across Azure environments using Defender for Cloud, identifying misconfigurations, and enforcing security baselines

Supporting security policy development and SOP documentation aligned to NIST frameworks, contributing to audit readiness where required

Performing forensic investigations across Azure and AWS environments, collecting and preserving evidence suitable for legal or compliance proceedings

Automating routine security tasks with PowerShell, Azure Automation, and REST APIs to shorten detection and response cycles

Mentoring junior analysts and serving as technical lead on cross-functional security projects

Qualifications

Must Have

Availability to work on nightshift schedules (flexible)

8+ years in security operations or cybersecurity engineering with a heavy focus on Azure security solutions

Hands-on mastery of the Microsoft security stack: Azure AD, Microsoft Sentinel, Defender for Endpoint/Identity/Cloud Apps, Intune, and Windows Server hardening

Proven experience authoring and operationalizing SIEM use cases and SOAR playbooks, building and tuning them

Familiarity with vulnerability scanning tools such as Nessus or Qualys, with experience driving remediation workflows with asset owners

Strong background with EDR, firewalls, IDS/IPS, vulnerability scanners, and encryption protocols

Proficiency in PowerShell scripting; working knowledge of AWS security services including GuardDuty, Security Hub, and IAM

Experience with threat intelligence platforms and operationalizing CTI feeds into detection and response workflows

 

Strong Advantage

Certifications such as CISSP, CISM, CCSP, AZ-500, MS-500, or ISO 27001 Lead Implementer/Auditor

Experience guiding organizations through ISO 27001 and/or SOC 2 readiness and audits

Experience with PCI-DSS, GDPR, or HIPAA compliance frameworks

Background in DevSecOps pipelines and infrastructure-as-code security scanning

Solid background in Cloud Security Posture Management (CSPM), ideally via Defender for Cloud or a comparable platform

Experience conducting forensic investigations across Azure or AWS environments, including evidence collection for legal or compliance proceedings

 

Nice to Have

Python or Bash scripting alongside PowerShell

Exposure to fraud-detection tooling and eCommerce security analytics

Working knowledge of ITIL practices and secure SDLC principles

Must Have

Must Have

Availability to work on nightshift schedules (flexible)

8+ years in security operations or cybersecurity engineering with a heavy focus on Azure security solutions

Hands-on mastery of the Microsoft security stack: Azure AD, Microsoft Sentinel, Defender for Endpoint/Identity/Cloud Apps, Intune, and Windows Server hardening

Proven experience authoring and operationalizing SIEM use cases and SOAR playbooks, building and tuning them

Familiarity with vulnerability scanning tools such as Nessus or Qualys, with experience driving remediation workflows with asset owners

Strong background with EDR, firewalls, IDS/IPS, vulnerability scanners, and encryption protocols

Proficiency in PowerShell scripting; working knowledge of AWS security services including GuardDuty, Security Hub, and IAM

Experience with threat intelligence platforms and operationalizing CTI feeds into detection and response workflows

 

Strong Advantage

Certifications such as CISSP, CISM, CCSP, AZ-500, MS-500, or ISO 27001 Lead Implementer/Auditor

Experience guiding organizations through ISO 27001 and/or SOC 2 readiness and audits

Experience with PCI-DSS, GDPR, or HIPAA compliance frameworks

Background in DevSecOps pipelines and infrastructure-as-code security scanning

Solid background in Cloud Security Posture Management (CSPM), ideally via Defender for Cloud or a comparable platform

Experience conducting forensic investigations across Azure or AWS environments, including evidence collection for legal or compliance proceedings