Job description
Department: Information Technology
Position Type: Full-Time Employee
Location: Remote, Philippines
Reports To: Director of Information Technology
Position Overview
We are looking for an experienced Senior Security Engineer to join our remote team from the Philippines. This role sits at the core of our security operations and compliance posture: you will own our Microsoft 365 security stack, drive threat detection through Microsoft Defender XDR and Microsoft Sentinel, and serve as our primary technical resource for SOC 2 Type 2 compliance.
This is a senior individual contributor role. You will be trusted to operate independently, make sound security decisions, and work cross-functionally with IT, engineering, and leadership to implement and maintain security controls across the company’s toolset.
What You’ll Do
Own the Microsoft Security Stack
Manage and optimize Microsoft 365 Defender, Defender for Endpoint, Defender for Identity, Defender for Cloud Apps, and Defender for Office 365
Administer and tune Microsoft Sentinel - build and maintain KQL detection rules, analytics rules, workbooks, and playbooks
Monitor the Microsoft Secure Score, prioritize improvement actions, and drive remediation across the tenant
Configure and maintain Conditional Access policies, Microsoft Entra ID (Azure AD) security settings, and Privileged Identity Management (PIM)
Manage Microsoft Purview compliance features including DLP, sensitivity labels, and information protection policies
Security Operations & Threat Response
Monitor and respond to security alerts, incidents, and investigations across Defender XDR and Sentinel
Develop and maintain incident response playbooks, automation workflows (Logic Apps / SOAR), and escalation procedures
Perform threat hunting using KQL and identify gaps in detection coverage
Conduct vulnerability assessments and lead remediation efforts in coordination with IT and engineering teams
Evaluate and respond to identity-based threats, phishing campaigns, and anomalous behavior patterns
SOC 2 Type 2 Compliance
Serve as a technical resource for SOC 2 Type 2 audit preparation and execution
Design, implement, and document security controls that satisfy Trust Service Criteria (TSC) requirements across the company’s toolset
Maintain evidence collection for audit deliverables - access reviews, logging configurations, policy enforcement, and change management records
Identify control gaps and drive remediation efforts prior to and during audit windows
Partner with external auditors, providing technical walkthroughs and supporting evidence requests
Keep control documentation current as tooling, processes, and the environment change
Cross-Functional Security Enablement
Implement and enforce security controls across the company’s broader toolset - SaaS platforms, cloud infrastructure, and endpoint environment
Advise and support IT on secure configuration for onboarding, offboarding, and access provisioning workflows
Partner with engineering teams on secure development practices, secrets management, and cloud security posture
Produce clear, concise reporting on security posture, incident trends, and audit readiness for IT leadership
Stay current on the Microsoft security roadmap, threat landscape, and emerging attack techniques relevant to the company’s environment
What We’re Looking For
Experience
5+ years of hands-on experience in a security engineering or security operations role
3+ years of deep, practical experience with the Microsoft 365 security suite (Defender XDR, Sentinel, Entra ID, Purview)
Demonstrated experience supporting or leading a SOC 2 Type 2 audit - from control design through evidence delivery
Proficiency in KQL (Kusto Query Language) for building detection rules, hunting queries, and dashboards in Sentinel
Experience with Azure cloud security, including Azure Security Center / Defender for Cloud, RBAC, and policy management
Hands-on experience with SOAR/automation - Logic Apps, Sentinel playbooks, or equivalent
Certifications (Preferred)
Microsoft Certified: Security Operations Analyst Associate (SC-200)
Microsoft Certified: Azure Security Engineer Associate (AZ-500)
Skills & Attributes
Strong English communication skills - written and verbal - for working cross-functionally with a US-based team
Comfortable working independently in a remote environment with minimal supervision
Detail-oriented approach to documentation, evidence collection, and control ownership
Ability to translate technical security findings into clear, business-relevant language for leadership
Collaborative mindset - willing to mentor junior team members and share knowledge across the IT team
Nice to Have
CISSP, CISM, or CompTIA Security+ certification
Experience with Microsoft Defender for Cloud (multi-cloud security posture management)
Familiarity with Microsoft Intune / endpoint management from a security hardening perspective
Scripting skills in PowerShell or Python for security automation tasks
Experience working within a consulting or MSP environment supporting multiple clients or environments
Working Hours & Location
This is a fully remote position based in the Philippines. You will be expected to maintain meaningful overlap with US Eastern or Central business hours to support real-time collaboration with the core team — typically at least 4–5 hours of daily overlap. Flexibility around incident response and time-sensitive audit activities is expected.
Why This Role Matters
Security is not an afterthought here — it is foundational to how we operate and earn the trust of our clients. This role gives a seasoned security professional the autonomy to own our security program end-to-end, shape how controls are built and maintained, and have a direct, visible impact on the company’s compliance posture and resilience. If you are someone who takes pride in doing security work right, this is the environment for it.
We are dedicated to promoting diversity and upholding our standing as an equal opportunity employer. We welcome applications from candidates of all backgrounds.