We are seeking a highly skilled Senior Security Operations Analyst with significant hands-on experience in Microsoft Sentinel, as well as proficiency in Intune and Microsoft Defender for Endpoint. The ideal candidate will possess a minimum of five years’ direct experience with Sentinel, alongside a robust working knowledge of both Windows and UNIX operating systems. Familiarity with the Microsoft 365 E5 product suite, expertise in Kusto Query Language (KQL), experience developing workbooks and logic apps, and a proven history of collaboration with Security Operations Center (SOC) teams is essential. This individual will play a vital role in tuning security offenses, conducting threat hunting activities, and contributing to the proactive defense of our digital assets.

•  Health Insurance/HMO 
•  Enjoy unlimited MadMax Coffee
•  Diverse learning & growth opportunities
•  Accessible Cloud HR platform (Sprout)
•  Above standard leaves

Core Responsibilities

• Sentinel Expertise: Leverage at least five years of hands-on experience to manage, maintain, and optimize Microsoft Sentinel for security monitoring and incident response. Configure and fine-tune data connectors, analytics rules, and playbooks to increase detection capabilities and reduce false positives.
• Intune and Microsoft Defender for Endpoint: Demonstrate medium-level experience implementing, administering, and troubleshooting Microsoft Intune and Defender for Endpoint. Collaborate with IT and security teams to ensure endpoint security policies are enforced and devices are correctly enrolled, monitored, and protected.
• Cross-Platform Security Operations: Apply familiarity with both Windows and UNIX operating systems to monitor, assess, and respond to threats in a heterogeneous environment. Analyze operating system logs and security events across diverse platforms to ensure comprehensive threat coverage.
• Microsoft 365 E5 Product Suite: Utilize knowledge of M365 E5 products, including advanced security, compliance, and collaboration tools, to support and enhance security operations. Integrate M365 telemetry and intelligence into Sentinel for holistic monitoring.
• Kusto Query Language (KQL): Develop and maintain complex queries and detection logic using KQL to drive advanced threat detection and analytics in Sentinel. Continuously refine query logic to improve incident triage and investigation workflows.
• Workbooks and Logic Apps: Design, implement, and optimize Sentinel workbooks for custom dashboards, reporting, and visualization of security data. Build and maintain automation workflows using Azure Logic Apps to streamline response activities and remediate threats efficiently.
• SOC Collaboration and Threat Hunting: Actively engage with the SOC team to tune alerting rules, reduce noise, and ensure offenses are actionable. Lead or support proactive threat hunting missions using Sentinel and Defender for Endpoint telemetry, providing detailed analysis, documentation, and recommendations on findings.
• Continuous Improvement: Stay abreast of evolving threat trends and advancements in security technologies. Participate in internal and external training to maintain and enhance skills pertinent to Sentinel, Intune, Defender for Endpoint, and related security domains.
• Documentation and Knowledge Sharing: Author and maintain comprehensive documentation covering detection rules, incident response procedures, tuning activities, and lesson-learned reports. Contribute to team knowledge bases and mentor junior analysts as required.

Required Qualifications

• Bachelor’s degree in Information Security, Computer Science, or a related field; or equivalent professional experience.
• Minimum 5 years of direct, hands-on experience with Microsoft Sentinel, including configuration, rule development, alert tuning, and playbook automation.
• Strong practical expertise in the use of Kusto Query Language (KQL) for security analytics and threat detection.
• Medium-level experience with Microsoft Intune and Microsoft Defender for Endpoint in enterprise environments.
• Demonstrated ability to design and maintain Sentinel workbooks and Azure Logic Apps.
• Familiarity with both Windows and UNIX/Linux operating systems, including log analysis, system configuration, and threat response procedures.
• Good understanding of Microsoft 365 E5 product features, especially advanced security and compliance capabilities.
• Track record of working collaboratively with SOC teams for alert tuning, threat hunting, and incident response.
• Strong analytical, troubleshooting, and problem-solving abilities.
• Excellent written and verbal communication skills, including the ability to document processes and communicate findings to technical and non-technical audiences.

Preferred Skills and Certifications

• Relevant certifications such as Microsoft Certified: Security Operations Analyst Associate, Microsoft Certified: Azure Security Engineer Associate, or similar.
• Experience with additional EDR, SIEM, and SOAR platforms.
• Background in scripting or programming (e.g., PowerShell, Python) for process automation.
• Knowledge of compliance frameworks (e.g., SOC 2, ISO 27001, GDPR) and security best practices.
• Experience in security incident investigation and digital forensics.

• Scanned copy of valid NBI Clearance
• Accomplished Medical or PEME Slip (covered by KMC)
• 2x2 & Half body picture with white background
• Proof of government numbers (TIN, SSS, Pag-ibig, & Philhealth)
• Photocopy of 2 valid IDs – front & back (government-issued)
• Clear copy of your Birth Certificate (PSA or NSO)
• Accomplished HR Forms & Promissory Note (will be provided by KMC’s Onboarding Team

If you're a rockstar at what you do and looking to be a part of our amazing story, we want to hear from you!

We offer attractive salaries and benefits plus you get to work in some of the Philippines' best flexible workspaces. Our employees also get to enjoy exclusive discounts, rewards and freebies, and invites to our monthly events. We are always recruiting for roles in IT & Development, Marketing, Business Administration, HR & Recruitment and Legal & Finance Roles.

KMC provides quality employment opportunities for job-seekers looking for a career that is both challenging and fulfilling. We are also committed to providing equal opportunities at every selection stage. We do not discriminate due to age, gender, sexual orientation, ethnicity, nationality, and religion.

KMC Solutions offers a variety of career opportunities in Metro Manila, Cebu and Clark & Iloilo. We are always looking for talented and enthusiastic individuals who are ready to make their next big career move.

At KMC, we foster an inclusive and positive workplace for all. We push our members to succeed in everything they do through our collaborative work environment. We encourage our community to work hard and reach their full potential while delivering results that matter for our members and you as professionals.

We host amazing and quality events and implement people-centric policies to work flexibly. We ensure that everyone in our expansive network is engaged, from our internal employees and those who work on behalf our offshore partners.

At KMC, we work hard and we are committed to putting our best foot forward in everything we do. Everyone is encouraged to be an individual while also working for the collective good of the KMC Community. We believe mistakes are opportunities and that you should not present a solution without a problem.

We also know when hard work deserves to be recognized so we reward our employees with monthly parties, free trips and much much more!