We are looking for an experienced and motivated Cyber Security Engineer specializing in SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) platforms. In this role, you will be responsible for the design, implementation, and ongoing management of our security monitoring and automated response infrastructure. You will work closely with the Security Operations Center (SOC) team, threat analysts, and IT stakeholders to enhance threat detection and automate response processes, ensuring a rapid and effective defense against cyber threats.

SIEM Platform Management:

• Design, implement, and tune SIEM solutions (e.g., Google SecOps, Splunk, IBM QRadar, Microsoft Sentinel, Elastic Stack, or similar).
• Create and maintain correlation rules, dashboards, and reports to detect anomalies and security threats. 
• Integrate data sources from various systems (network, endpoints, cloud, applications) into the SIEM. 
• Optimize data ingestion, parsing, and normalization to reduce noise and improve performance. 

SOAR Platform Integration & Automation:

• Deploy and manage SOAR platforms (e.g., Google SecOps SOAR, Palo Alto Cortex XSOAR, Splunk SOAR, IBM Resilient, or similar). 
• Design and develop automated playbooks for incident response, threat intelligence enrichment, and alert triage. 
• Collaborate with SOC analysts to streamline workflows and reduce response time through automation.
• Maintain integrations with ticketing systems, threat intel feeds, and security tools.

Security Engineering & Support: 

• Support incident response teams with actionable alerts and automated processes.
• Perform root cause analysis of recurring security events and develop engineering solutions to prevent them.
• Collaborate with compliance and audit teams to ensure security controls meet regulatory requirements. 
• Provide training and documentation to SOC and IT teams on the use of SIEM/SOAR tools.

Education & Experience:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field. 
• Minimum of 3 years of experience in cybersecurity, with at least 2 years in SIEM/SOAR administration or engineering.
• Experience in a Security Operations Center (SOC) environment is preferred.

Technical Skills: 

• Strong hands-on experience with at least one major SIEM (e.g., Google SecOps, Splunk, QRadar, Sentinel, ArcSight).
• Experience with SOAR platforms and playbook development.
• Proficiency in scripting languages (Python, PowerShell, Bash) for automation and tool integration.
• Understanding of security frameworks (MITRE ATT&CK, NIST, CIS Controls). 
• Familiarity with EDR/XDR, firewalls, IDS/IPS, threat intelligence platforms, and cloud security tools (AWS, Azure, or GCP). 

Soft Skills:

• Excellent problem-solving and analytical skills.
• Strong written and verbal communication abilities.
• Ability to work independently and collaborate across cross-functional teams

Additional Requirements:

• Must be willing to work on a shifting schedule and report 3x a week to daily onsite at Cyberpark, Cubao or Cebu