At Fujitsu, our purpose is to make the world more sustainable by building trust in society through innovation. Founded in Japan in 1935, Fujitsu has been a pioneer in technology and innovation for decades. Today, as a world-leading digital transformation partner, we are committed to transforming business and society in the digital age.
With approximately 130,000 employees across over 50 countries, Fujitsu offers a broad range of products, services, and solutions. We collaborate with our customers to co-create solutions that drive enterprise-wide digitalization while actively working to address social issues and contribute to the United Nations Sustainable Development Goals (SDGs).
Role Title: US Security Operations Center Engineer [CrowdStrike, SIEM & MDR]
Work Setup: Hybrid (Majority WFH, RTO @ BGC, Taguig)
Shift: Night Shift | US Region Support | 5-Day Rotational Schedule
Location: Philippines
Top Skills: CrowdStrike Administrative Skills, SIEM Skills (Investigation, Tuning), Managed Detection & Response Skills, ServiceNow
Top Daily Tasks: Security Incident Response, Incident Alert Monitoring
Role Overview
We are seeking a SOC Engineer to lead detection, investigation, and response activities across global security environments. This role requires strong hands‑on expertise in CrowdStrike, SIEM operations, MDR processes, and threat analysis. You will work closely with cross‑functional security, infrastructure, and global response teams in a hybrid night shift setup.
Key Responsibilities
Security Monitoring & Incident Response
- Acknowledge, analyze, and validate security alerts generated from SIEM platforms and other monitoring tools.
- Investigate incidents received via email, phone, ticketing systems, or management escalation.
- Perform triage, correlation, enrichment, and classification of security events.
- Conduct initial analysis of false positives and false negatives to improve detection fidelity.
- Escalate validated incidents to senior SOC analysts and incident response teams as required.
- Collect and analyze logs from firewalls, IDS/IPS, Windows servers, network appliances, AV/EDR platforms, and email security tools.
Threat Investigation & Detection Engineering
- Conduct vulnerability scanning and security assessments for applications and infrastructure.
- Perform log forensics, packet analysis, endpoint investigations, and threat validation.
- Support tuning, optimization, and rule creation for SIEM platforms.
- Participate in detection engineering efforts to enhance monitoring use cases and reduce alert noise.
Security Operations & Governance
- Use ServiceNow to open, update, and track incidents, requests, and change records following SLA and client protocols.
- Generate weekly and ad-hoc SIEM reports for internal and client review.
- Support antivirus management, patch management validation, and security hardening initiatives.
- Assist in risk assessment activities and deployment of security controls.
- Develop, maintain, and update SOC metrics, security advisories, and awareness materials.
Collaboration & Continuous Improvement
- Coordinate with security, infrastructure, and incident response teams to support containment and remediation activities.
- Contribute to documentation, playbooks, and SOP improvements.
- Stay updated with emerging threats, attack techniques, and global cybersecurity trends.
Required Qualifications
- Bachelor's degree, or high school graduate with equivalent relevant job experience.
- 2–3+ years of hands‑on experience in a Security Operations Center (Enterprise or MSSP).
- At least 1 year experience supporting cloud security environments (Azure, AWS, or GCP).
- Strong knowledge in:
  - Incident Response and Security Event Analysis
  - SIEM tools (Azure Sentinel, LogRhythm, FireEye, etc.)
  - CrowdStrike Falcon (administration & investigation) – must‑have
  - Malware/AV technologies
  - Network traffic analysis, TCP/IP, event correlation, and intrusion detection/prevention
- Experience using ticketing systems such as ServiceNow or Remedy.
Preferred Qualifications
- Security certifications such as GCIH, GCIA, GCUX, CCNA, CISSP, or CISA.
- Experience with cloud and application security (web apps, APIs, XML/JSON, SOA, etc.).
- Knowledge of IAM, MFA, DLP, PKI, firewall technologies, and web content filtering.
- Familiarity with compliance frameworks (NIST, PCI, HIPAA, SOX, JSOX).
- Experience with Linux/UNIX and Windows systems at the administrator level.
- Background in vulnerability management, security tool administration, and detection engineering.
Desired Characteristics
- Strong analytical, troubleshooting, and problem‑solving skills.
- Excellent verbal and written communication, with the ability to document findings clearly.
- Highly organized, detail‑oriented, and able to work autonomously.
- A collaborative team player with the ability to work with global stakeholders.
- Curious, proactive, and passionate about continuous learning and SOC maturity improvement.
- Ability to think creatively and propose innovative, cost‑effective security solutions.
At Fujitsu, we are committed to an inclusive recruitment process that values the diverse backgrounds and experiences of all applicants. We believe that hiring people from a wide variety of backgrounds makes us stronger, not because it's the right thing to do, but because it allows us to draw on a wider range of perspectives and life experiences.