Vulnerability Management II Engineer II

Vertiv

  • Mandaluyong City, Metro Manila
  • Permanent
  • Full-time
  • 1 month ago
Job Category: IT Security

Job Description:

POSITION SUMMARY

The Security Operations Engineer plays a critical role in designing, implementing, and securing various corporate-wide security products, including but not limited to Microsoft Defender, Halcyon, and Qualys. This individual will evaluate the configuration of existing systems and assist with redesigning, repairing, and reconfiguring as necessary to ensure a secure enterprise environment. They will comprehend the use cases and intended purposes of each tool and provide recommendations to leadership regarding necessary product enhancements. During and after incidents, they will analyze cause and impact, identifying corrective actions required to eliminate and prevent future occurrences. Additionally, they will collaborate with leadership, IT teams, application owners, and asset owners to ensure that all systems maintain healthy, secure, and effective agents, policies, and configurations.

RESPONSIBILITIES
  • Design, maintain, and implement security products like Microsoft Defender, Halcyon, and Qualys.
  • Evaluate agent updates and manage versioning
  • Develop security standards, policies, baselines, and best practices for security in alignment with established frameworks like NIST (CSF), CIS, ISO 27001, and GDPR
  • Consistently enhance supported tools by recommending product improvements, optimizing processes, and integrating advanced technologies.
  • Automate administrative tasks using PowerShell, Microsoft Graph API, and Power Automate.
  • Identify misconfigurations and determine the scope of impact; develop and present resolution options while considering system-level impacts and outage mitigation.
  • Develop, examine, and maintain both current and proposed processes, procedures, and associated documentation within the team.
  • Partner with other security teams to ensure that new solutions and changes to existing solutions integrate into a complex environment maintaining all three parts of the CIA triad.
  • Collaborate with application and technology teams to diagnose issues, develop solutions, implement appropriate security measures, and automate processes to protect system data from internal and external threats.
  • Engage with vendors to proactively address open tickets and resolve issues in a timely manner.
  • Strong communicator who can articulate complex concepts to both technical and non-technical audiences
  • Develop and maintain accurate reporting through automation while still accommodating situation-based ad-hoc requests
  • Facilitate data and conduct regular auditing in alignment with current business standards and process enhancements
  • Stay current with vendor roadmaps and emerging security technologies.
  • Represent the team in technical forums, audits, and executive briefings.
  • Perform other duties as assigned.
QUALIFICATIONS

Required
  • Bachelor's degree in Computer Science, MIS, Cybersecurity, or a related field of study.
  • 5+ years of experience designing and maintaining antimalware and other security tools.
  • Expertise with Microsoft Defender for Endpoint (MDE) including anti-virus, EDR, and policy creation.
  • Experience with integrating MDE with a Security Event and Incident Management (SEIM) tool.
  • Experience tuning MDE alerts and monitoring.
  • Knowledge of role-based access control for the Microsoft Defender suite and Microsoft Entra.
  • Strong hands-on experience with PowerShell scripting, Microsoft Graph, and automation frameworks.
  • Excellent problem-solving skills with the ability to diagnose and troubleshoot technical issues.
  • Skilled in conducting thorough root cause analysis to identify underlying issues.
  • Excellent communication skills both written and oral using the English language.
  • Ability to work comfortably and successfully in a fast-paced environment with frequent changes in priorities and ability to influence others or manage indirectly.
Preferred
  • 8+ years of experience designing and maintaining EDR/XDR, VMDR, SIEM, SOAR and other security tools.
  • Experience with Halcyon anti-ransomware
  • Experience with Defender Application Control policies
  • Experience with the design and administration of Qualys
  • Experience with Google SecOps
About the Team:

Work Authorization

No calls or agencies please. Vertiv will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas such as E, F-1, H-1, H-2, L, B, J, or TN or who need sponsorship for work authorization now or in the future, are not eligible for hire.

Equal Opportunity Employer

We promote equal opportunities for all with respect to hiring, terms of employment, mobility, training, compensation, and occupational health, without discrimination as to age, race, color, religion, creed, sex, pregnancy status (including childbirth, breastfeeding, or related medical conditions), marital status, sexual orientation, gender identity / expression (including transgender status or sexual stereotypes), genetic information, citizenship status, national origin, protected veteran status, political affiliation, or disability.
