Job description
Join Auctane Philippines Inc as a Senior Security Engineer. This fully onsite, night-shift role reports directly to the Chief Information Security Officer (CISO) and represents a strategic addition to our security team in Taguig City, Metro Manila. You will design, implement, and operate advanced security controls across our systems, networks, and cloud environments to protect critical data, ensure business continuity, and support rapid, secure growth.
As a Senior Security Engineer, you will lead threat modeling, incident response, vulnerability management, and security architecture reviews. You will collaborate with IT, DevOps, and product teams to embed security into the software development lifecycle, respond to security events, and drive continuous improvement of our security posture. This role requires hands-on technical expertise, exceptional communication skills, and the ability to mentor and coach junior engineers.
Key responsibilities include designing and enforcing security controls across on-premises, cloud, and hybrid environments; implementing identity and access management, network segmentation, and secure network design; leading incident response and forensics; conducting risk assessments and threat modeling; overseeing vulnerability management and coordinated penetration testing; partnering with developers to adopt secure coding practices; developing security automation and detection workflows using SIEM and SOAR; and contributing to governance, policy updates, and security awareness programs.
Auctane Philippines values security excellence and encourages professional growth. The successful candidate will bring a passion for safeguarding critical information and a collaborative mindset to work with global teams on aggressive timelines. This is an excellent opportunity for a security professional seeking to shape security strategy in a dynamic e-commerce logistics environment.
Responsibility
- Design and implement security controls across on-prem, cloud, and hybrid environments, including identity and access management, firewall policies, VPNs, and network segmentation.
- Lead incident response activities, perform root-cause analysis, and oversee remediation efforts across technical and business teams.
- Conduct threat modeling, risk assessments, and security architecture reviews for new projects and services to ensure secure-by-design.
- Oversee continuous security monitoring, vulnerability management, security automation, and coordination of penetration testing with internal and external teams.
- Collaborate with development and operations teams to embed secure coding practices and shift-left security in the software development lifecycle.
- Develop and maintain security automation and alerting using SIEM, SOAR, and scripting (Python, PowerShell, or Go) to improve detection and response times.
- Mentor and coach security engineers, contribute to security governance, policy updates, and security awareness across the organization.
- Ensure compliance with regulatory requirements and industry standards relevant to the organization's operations.
Qualification
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
- 5+ years of experience in security engineering, cloud security (AWS/Azure/GCP), and on-premise environments.
- Strong track record in incident response, threat detection, vulnerability management, and security architecture.
- Certifications such as CISSP, CISM, GNFA, or equivalent are preferred.
- Proficiency in scripting and automation (Python, PowerShell, Go) and security tooling.
- Excellent communication skills to explain complex security concepts to non-technical stakeholders and mentor others.
- Ability to work onsite in Taguig with the night shift and collaborate with global teams.
- Knowledge of regulatory requirements and security frameworks (ISO 27001, NIST, PCI DSS) is a plus.