Security Analyst (Remote)

We are seeking a highly experienced Senior Security Analyst to help strengthen and advance cybersecurity operations across multiple client environments. This role is responsible for proactively improving security posture through security engineering, continuous monitoring, detection optimization, and strategic implementation of security best practices.

The ideal candidate will have extensive experience in Managed Service Provider (MSP) environments, advanced expertise in Microsoft security technologies, endpoint protection, identity management, and security operations. This position plays a critical role in reducing organizational risk, enhancing threat detection capabilities, and driving measurable security outcomes through a proactive and consultative approach.

The role leverages the NIST Cybersecurity Framework (CSF) 2.0 to organize, prioritize, and communicate security strategy and operational effectiveness across diverse client environments.

Key Responsibilities

• Operate and maintain proactive security capabilities across client environments.
• Monitor and validate security signals while continuously improving security configurations and detection capabilities.
• Perform Security-as-a-Service operations, including reporting on security posture and security tool health.
• Enhance detection quality through SIEM tuning, alert optimization, dashboard improvements, and correlation rule refinement.
• Conduct advanced Windows and Microsoft 365 log analysis to identify suspicious activity, security gaps, and potential indicators of compromise.
• Implement and support security hardening initiatives across endpoints, servers, cloud environments, and identity platforms.
• Manage and support security awareness training programs and phishing simulation initiatives.
• Ensure security tools and operational processes align with established security standards and service requirements.
• Evaluate emerging security technologies and provide recommendations for adoption and standardization.
• Support AI-driven security and automation initiatives by validating outputs and optimizing repeatable workflows.
• Serve as a senior technical escalation point for complex security-related issues.
• Collaborate with infrastructure, cloud, and operations teams to improve security processes and standards.
• Communicate security risks, findings, and recommendations clearly to both technical and non-technical stakeholders.
• Participate in compliance-related discussions, evidence collection, and security assessments.
• Assist with CMMC, SOC, and other security compliance initiatives as needed.
• Perform additional duties as assigned.

Requirements

• Minimum of 7 years of experience working within a Managed Service Provider (MSP) environment.
• Preferred: 10+ years of experience in cybersecurity, systems administration, security engineering, or systems integration.

Technical Expertise

Security Operations & SIEM

• Advanced experience with SIEM platforms, including:
• Log onboarding and normalization
• Correlation rule development
• Alert tuning
• Dashboard creation
• Security monitoring and incident investigation
• Experience supporting SOC workflows and security automation initiatives.

Endpoint Security & EDR/XDR

• Advanced hands-on experience with:
• SentinelOne
• Huntress
• EDR/XDR deployment and management
• Threat detection and response workflows

Identity & Access Management

• Advanced knowledge of:
• Microsoft Entra ID / Azure AD
• Conditional Access
• Multi-Factor Authentication (MFA)
• Privileged Access Management
• Identity Governance
• Microsoft Intune
• Duo MFA

Networking & Security Infrastructure

• Strong understanding of:
• TCP/IP networking
• Firewall hardening
• Secure network design
• VLANs
• Routing and switching
• VPN technologies (IPSec and SSL)
• Network segmentation

Email & DNS Security

• Experience administering:
• Mimecast (preferred)
• Email Threat Protection solutions
• DNS and web filtering technologies
• Security policy management and troubleshooting

Security Awareness & Training

• Experience managing:
• Phishing simulation campaigns
• Security awareness training platforms
• Compliance-focused end-user security education

Vulnerability Management

• Ability to analyze vulnerability assessments and convert findings into actionable remediation plans and hardening initiatives.

Automation & Scripting

• Strong PowerShell scripting skills.
• Python experience is a plus.
• Experience leveraging automation and AI tools to improve operational efficiency.

Compliance & Frameworks

• Familiarity with:
• NIST Cybersecurity Framework (CSF) 2.0
• CMMC 2.0
• SOC 1 and SOC 2
• Security governance and risk management principles

Soft Skills

• Excellent written and verbal communication skills.
• Strong organizational and time management abilities.
• Ability to work independently in a fast-paced environment.
• Strong analytical and problem-solving skills.
• Detail-oriented with a proactive mindset.
• Ability to communicate complex security concepts to technical and non-technical audiences.
• Strong collaboration and stakeholder management skills.

Preferred Certifications

• CISSP (Highly Preferred)
• Microsoft Certified: Azure Security Engineer Associate (AZ-500)
• Microsoft Certified: Security Operations Analyst Associate (SC-200)
• Microsoft Certified: Identity and Access Administrator Associate (SC-300)
• Microsoft 365 Security Certifications
• AWS Certified Security – Specialty or equivalent AWS security certification

Benefits

• HMO coverage upon regularization
• Paid time off and holiday benefits
• Government-mandated benefits (SSS, PhilHealth, Pag-IBIG)
• Career development and certification support
• Exposure to enterprise-level security technologies
• Collaborative and highly technical work environment
• Opportunities for professional growth and advancement
• Work-life balance and supportive leadership team