
Cloud Security Engineer

  • Hybrid
    • Angeles City, Philippines

Job description

We are seeking a Cloud Security Engineer to join our IT operations team, focused on safeguarding our cloud infrastructure and strengthening our security posture. This role is responsible for day-to-day security operations, including threat monitoring, incident handling, and remediation, while continuously optimizing security controls and infrastructure. The position works closely with IT operations, infrastructure teams, and business stakeholders to ensure security processes are proactive, efficient, and aligned with best practices across the environment.

Key Responsibilities:

  • Implementing, managing, and monitoring Microsoft security technologies, including Microsoft Defender, Azure security services, and Microsoft 365 security solutions, to protect cloud and endpoint environments.

  • Administering Zscaler Internet Access (ZIA) and Zscaler Private Access (ZPA) to ensure secure internet usage and controlled access to internal applications.

  • Developing, maintaining, and enforcing security policies, standards, and procedures aligned with industry best practices and regulatory requirements, particularly within the financial services sector.

  • Working closely with compliance and risk teams to ensure that data is processed, stored, and protected in accordance with applicable regulations (e.g., GDPR, SOX, PCI DSS) and internal governance standards.

  • Leading and supporting security incident response activities, including threat detection, investigation, containment, and remediation, ensuring timely resolution and minimal business impact.

  • Conducting regular security assessments, audits, and control reviews to evaluate the effectiveness of existing security measures and identify opportunities for improvement.

  • Collaborating with external security providers to plan and execute red team exercises, and ensuring timely remediation of identified vulnerabilities and control gaps.

  • Coordinating with IT and development teams to ensure the secure design, implementation, and deployment of infrastructure and applications across cloud environments.

  • Participating in change management processes by providing security assessments and approvals for proposed changes to systems and infrastructure.

  • Contributing to the continuous improvement of security operations, tooling, and processes to enhance overall resilience and operational efficiency.

  • Providing on-call support during off-hours, including weekends, to support the timely resolution of critical security incidents or service disruptions when required.

Job Requirements:

  • Strong hands-on experience with Microsoft Azure security services, including Microsoft Defender for Cloud, Azure AD (Entra ID), Conditional Access, and identity protection controls.

  • Proven experience managing and operating the Microsoft 365 Defender suite, including Defender for Endpoint, Defender for Office 365, Defender for Identity, and Defender for Cloud Apps.

  • Solid understanding of security operations (SecOps), including threat detection, incident response, root cause analysis, and remediation workflows.

  • Proficiency in cloud security architecture and best practices, including network security, identity and access management, and data protection in Azure environments.

  • Hands-on experience with secure configuration and hardening of cloud resources, endpoints, and Microsoft 365 services.

  • Familiarity with Zscaler (ZIA and ZPA) or similar secure access service edge (SASE) solutions.

  • Working knowledge of vulnerability management, security assessments, and remediation practices, including exposure management within cloud environments.

  • Understanding of regulatory and compliance frameworks (e.g., ISO 27001, ISAE 3402, GDPR, SOX, PCI DSS), with the ability to align security controls accordingly.

  • Experience supporting red team/penetration testing activities and driving remediation of identified findings.

  • Scripting or automation skills (e.g., PowerShell, KQL) to support security monitoring, reporting, and operational efficiency.

  • Strong analytical and problem-solving skills, with the ability to respond effectively under pressure during security incidents.

  • Experience with SIEM and XDR platforms, particularly Microsoft Sentinel, including alert tuning, investigation, and automation, is a plus.

Perks and Benefits:

  • Health Coverage: HMO coverage effective on your first day, with one free dependent added upon hire.

  • Life Insurance: Coverage begins on your first day of employment.

  • Leave Entitlement: 15 pro-rated leave credits from your hire date, increasing to 20 pro-rated leave credits after two years of service.

Work Location and Setup:

  • Hybrid Arrangement: Work from home two days a week; on-site three days a week.

  • Work Hours: Standard Philippine business hours (Monday to Friday, 9:00 AM - 6:00 PM), with flexibility to align with European time zones when needed.

  • Office Location: Bolder Philippines, 8th Floor, Tower 1, Clark City Front, MA Roxas, Clark Freeport Zone, Pampanga
