
Senior Security Engineer
Posted 2 hours ago

Posted 2 hours ago
This is a fully remote position, open to applicants in Philippines.
• Take full ownership of the Microsoft Security Stack.
• Supervise and enhance Microsoft 365 Defender, Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, and Defender for Office 365.
• Oversee and fine-tune Microsoft Sentinel by developing and maintaining KQL detection rules, analytics rules, workbooks, and playbooks.
• Assess the Microsoft Secure Score, prioritize enhancement actions, and drive remediation efforts throughout the tenant.
• Set up and manage Conditional Access policies, Microsoft Entra ID (Azure AD) security configurations, and Privileged Identity Management (PIM).
• Monitor and react to security alerts, incidents, and investigations across Defender XDR and Sentinel.
• Create and sustain incident response playbooks, automation workflows (Logic Apps / SOAR), and escalation protocols.
• Engage in threat hunting using KQL to uncover gaps in detection coverage.
• Execute vulnerability assessments and lead remediation initiatives in collaboration with IT and engineering teams.
• Analyze and respond to identity-based threats, phishing attempts, and unusual behavior patterns.
• Act as a technical resource for SOC 2 Type 2 audit preparation and execution.
• Design, implement, and document security controls that meet Trust Service Criteria (TSC) requirements across the company’s toolset.
• Maintain evidence collection for audit deliverables, including access reviews, logging configurations, policy enforcement, and change management records.
• Identify control deficiencies and drive remediation efforts before and during audit periods.
• Collaborate with external auditors, providing technical walkthroughs and supporting evidence requests.
• Implement and enforce security controls across the broader toolset of the company, including SaaS platforms, cloud infrastructure, and endpoint environments.
• Advise and assist IT on secure configurations for onboarding, offboarding, and access provisioning processes.
• Work alongside engineering teams on secure development practices, secrets management, and cloud security posture.
• Generate clear and concise reports on security posture, incident trends, and audit readiness for IT leadership.
• Stay updated on the Microsoft security roadmap, threat landscape, and emerging attack techniques pertinent to the company’s environment.
• Over 5 years of practical experience in a security engineering or security operations role.
• More than 3 years of extensive, hands-on experience with the Microsoft 365 security suite (Defender XDR, Sentinel, Entra ID, Purview).
• Proven experience in supporting or leading a SOC 2 Type 2 audit, from control design to evidence delivery.
• Expertise in KQL (Kusto Query Language) for developing detection rules, hunting queries, and dashboards in Sentinel.
• Knowledge of Azure cloud security, including Azure Security Center / Defender for Cloud, RBAC, and policy management.
• Hands-on experience with SOAR/automation tools, such as Logic Apps, Sentinel playbooks, or similar.
• Microsoft Certified: Security Operations Analyst Associate (SC-200) or Microsoft Certified: Azure Security Engineer Associate (AZ-500) is preferred.
• Flexible work arrangements.
• Opportunities for professional development.
Zscaler
Interface Systems
Brave Software
Binance
Get handpicked remote jobs straight to your inbox weekly.