Security Engineer, (Threat and Vulnerability Management) Manila, Night-Shift
at SolarWinds (View all jobs)
Manila, Philippines
Req ID: 201456
At SolarWinds, we’re a people-first company. Our purpose is to enrich the lives of the people we serve—including our employees, customers, shareholders, Partners, and communities. Join us in our mission to help customers accelerate business transformation with simple, powerful, and secure solutions.
The ideal candidate thrives in an innovative, fast-paced environment and is collaborative, accountable, ready, and empathetic. We’re looking for individuals who believe they can accomplish more as a team and create lasting growth for themselves and others. We hire based on attitude, competency, and commitment. Solarians are ready to advance our world-class solutions in a fast-paced environment and accept the challenge to lead with purpose. If you’re looking to build your career with an exceptional team, you’ve come to the right place. Join SolarWinds and grow with us!
Your Role:
We are seeking a Security Engineer to join our growing Global Information Security team. In this role, you will work under minimal supervision and will be the technical subject matter expert for threat and vulnerability assessments conducted across our global, hybrid enterprise IT environment. You will work closely with team members throughout the business as well as across technology teams to develop and implement security best practices, controls, and drive remediation activities with a heavy focus in our cloud environments.
Your Impact:
This is a hands-on role that requires a good understanding of enterprise-level security frameworks, policies, processes, and standards, and has good practical knowledge of cloud, system, network, mobile and application security including:
- Working with stakeholders to identify strategies to mitigate and remediate network and system OS level risks as they are identified, primarily by working with the IT network and systems administrators, DevOps, SRE teams, and developers to provide assessments and develop appropriate countermeasures.
- Responsible for conducting On Prem and Cloud assessments of threats and vulnerabilities, determining deviations from acceptable security baselines, and assessing the appropriate levels of risk.
- Assists in the management of security technology processes and solutions, which include cloud security posture, endpoint protection, key/secrets and vulnerability management software.
- Enhance and evolve the current security strategy, guidelines, and configurations for the cloud services used by SolarWinds by writing guides, standards, and best practices.
- Responsible for guiding the daily operational monitoring and escalation of information security events and at times functioning as an incident responder to examine security events for context, appropriateness, and criticality.
- Responsible for leading Cloud and On-premises threat and vulnerability management efforts and working with key business stakeholders to enforce remediation effort.
- Reviewing and updating security operations playbooks to ensure a consistent approach and response to current & emerging threats.
- Identifying operational security issues and evaluating risk based on our enterprise risk framework.
Your Experience:
- Minimum 2+ years of experience as a security administrator, engineer, or analyst in an enterprise environment
- Technical and industry certifications or equivalent experience are a plus (Amazon, Microsoft, ISC2, ISACA, SANS)
- Experience working in cloud/hybrid environments (AWS, Azure, M365, GCP)
- Hands-on experience working with services and tools such as IAM, SecurityHub, GuardDuty, Inspector CloudTrail, CloudWatch, Shield, WAF, KMS, Lambda, CloudWatch, PagerDuty, Slack, CloudCustodian
- Microsoft 365 architectures (cloud and hybrid cloud/on-prem solutions) and components including Azure Active Directory, Defender, Defender for Cloud, Sentinel
- Solid understanding of cybersecurity “best practices” including principles, security protocols and standards material such as OWASP Top 10 and SANS Critical Security Controls
- Familiarity of regulatory requirements (i.e., PCI, HIPAA, GLBA, SOX) and frameworks (e.g., NIST, CIS etc.)
- Must be self-directed, able to manage solo projects or participate as part of a larger team and be able to manage multiple deadlines
- Broad understanding of the cyber security threat landscape and the tools, techniques, and tactics of threat actors
- Strong understanding of Information security concepts such as risk management, control gap assessments, threat modelling, security automation, cloud security, security architecture, and incident response
- Intermediate understanding of basic exploits, vulnerabilities, and attacks
- Able to demonstrate strong initiative and ability to organize and execute on daily tasks with minimal supervision
SolarWinds is an Equal Employment Opportunity Employer. SolarWinds will consider all qualified applicants for employment without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity, marital status, disability, veteran status or any other characteristic protected by law.
All applications are treated in accordance with the SolarWinds Privacy Notice: https://www.solarwinds.com/applicant-privacy-notice