SIEM SOAR Senior Consultant

Executive recruitment company Monroe Consulting Group Philippines is recruiting for a prominent technology and consulting firm, renowned as a technological partner for core business processes globally.

Job Summary

Our respected client is seeking a skilled and experienced SIEM SOAR Senior Consultant (Application Management) who will be responsible for leading configuration management, policy/rule creation, automation, platform enhancements, integration, deployment, patching, and incident response/troubleshooting across a broad range of cybersecurity platforms.

The job is located in Ortigas, Pasig City and offers an onsite work arrangement.

Key Job Responsibilities:

  • Optimize detection logic, policies, and configurations across platforms such as Analytics, Intelligence and Observability Security (SIEM, SOAR).
  • Lead onboarding of web applications into WAF and manage advanced WAF configurations.
  • Oversee firewall rule creation, review, and cleanup to maintain secure and efficient policies.
  • Design and optimize rules in email security gateways to improve filtering and protection.
  • Enhance and fine-tune EPP and EDR policies for better endpoint protection.
  • Translate security use cases into platform-specific configurations and playbooks.
  • Build and maintain automation scripts and workflows for repetitive tasks (e.g., SOAR, Python, API-based integrations).
  • Lead the creation of scheduled reports (weekly, monthly, quarterly, and yearly) on platform effectiveness, detection logic performance, policy impact, configuration health, and other application-related reports.
  • Lead troubleshooting and incident response for application-layer security issues.
  • Collaborate closely with SecOps, Governance, and other teams.

Key Job Qualifications:

  • 7+ years in security platform configuration, security engineering and administration.
  • Demonstrated expertise and extensive hands-on experience operating and managing a wide range of cybersecurity platforms, with deep technical knowledge and cross-platform integration skills in at least 1-2 security platforms.
  • Exposure to automation scripting (e.g., Python, APIs) is a plus.