Executive recruitment company Monroe Consulting Group Philippines is recruiting for a prominent technology and consulting firm, renowned as a technological partner for core business processes globally.
Job Summary
Our respected client is seeking a skilled and experienced SIEM SOAR Senior Consultant (Application Management) who will be responsible for leading configuration management, policy/rule creation, automation, platform enhancements, integration, deployment, patching, and incident response/troubleshooting across a broad range of cybersecurity platforms.
The job is located in Ortigas, Pasig City, and offers an onsite work arrangement.
Key Job Responsibilities:
- Optimize detection logic, policies, and configurations across platforms such as Analytics, Intelligence and Observability Security (SIEM, SOAR).
- Lead onboarding of web applications into WAF and manage advanced WAF configurations.
- Oversee firewall rule creation, review, and cleanup to maintain secure and efficient policies.
- Design and optimize rules in email security gateways to improve filtering and protection.
- Enhance and fine-tune EPP and EDR policies for better endpoint protection.
- Translate security use cases into platform-specific configurations and playbooks.
- Build and maintain automation scripts and workflows for repetitive tasks (e.g., SOAR, Python, API-based integrations).
- Lead the creation of scheduled reports (weekly, monthly, quarterly, and yearly) on platform effectiveness, detection logic performance, policy impact, configuration health, and other application-related reports.
- Lead troubleshooting and incident response for application-layer security issues.
- Collaborate closely with SecOps, Governance, and other teams.
Key Job Qualifications:
- 7+ years in security platform configuration, security engineering and administration.
- Demonstrated expertise and extensive hands-on experience operating and managing a wide range of cybersecurity platforms, with deep technical knowledge and cross-platform integration skills in at least 1-2 security platforms.
- Exposure to automation scripting (e.g., Python, APIs) is a plus.
