
Security Infrastructure Engineer

Job in Doha, Qatar
Listing for: MEEZA QSTP
Full Time position
Listed on 2026-01-01
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 400000 - 600000 QAR Yearly
Job Description & How to Apply Below

Pipeline Management

  • Pipeline Management:
    Architect and maintain the ingestion of telemetry from multi-cloud (GCP, AWS, Azure) and on-premises environments using BindPlane Forwarders, Cloud-to-Cloud (C2C) connectors, and Webhooks.
  • Parser Development:
    Design, build, and troubleshoot custom parsers (CBN) to ensure non-standard log sources are correctly normalized into the Unified Data Model (UDM).
  • Data Health Monitoring:
    Build dashboards to monitor ingestion rates, latency, and data drops to ensure the SIEM is always receiving high-quality, actionable data.
SOAR & Automation Engineering
  • Playbook Development:
    Design and code automated incident response playbooks in Google SOAR using Python and visual builders.
  • Connector Engineering:
    Build and maintain API integrations between Google SOAR and third-party tools (Firewalls, EDR, IAM, Ticketing systems).
  • Workflow Optimization:
    Automate repetitive manual tasks such as artifact enrichment, evidence gathering, and initial containment actions.
  • Case Management Configuration:
    Tailoring the SOAR environment to fit the SOC’s operational needs, including custom fields, stages, and SLA tracking.
Platform Administration and Optimization
  • System Health Monitoring:
    Monitoring the ingestion health to ensure no data is dropped and that latency stays within acceptable limits.
  • Access Control:
    Managing Role-Based Access Control (RBAC) to ensure analysts have the correct level of access to sensitive data.
  • Threat Intel Ingestion:
    Managing the integration of Mandiant, VirusTotal, and other third‑party threat intelligence feeds to ensure detections are always up to date with the latest global threats.
Collaboration with SOC Team
  • Feedback Loops:
    Collaborating with Tier 1 and Tier 2 analysts to tune YARA‑L rules based on real-world alert performance and "noise" levels.
  • Requirements Gathering:
    Interviewing incident responders to understand their manual workflows, then translating those into Google SOAR playbooks.
  • Training & Enablement:
    Conducting knowledge transfer sessions on how to use UDM Search and the Google SecOps interface to speed up investigations.
Alignment with Infrastructure Team
  • Data Ingestion Strategy:
    Working with GCP/AWS/Azure Architects to ensure that Cloud Logging and Pub/Sub are configured correctly for seamless export to the Google SecOps platform.
  • Agent Deployment:
    Coordinating with IT Infrastructure teams to deploy and maintain BindPlane Forwarders on on‑premises servers and virtual machines.
  • Troubleshooting:
    Collaborating with Network Engineers to resolve connectivity issues or firewall blocks that prevent telemetry from reaching the Google SecOps platform.
Knowledge, Skills & Experience
Academic & Professional Qualifications
  • Bachelor’s degree in computer science, IT, Cybersecurity, or equivalent.
Preferred Certifications
  • Security+, CySA+, CEH, CISSP, GCIH
Experience
  • 3–5 years of hands‑on experience in Security Engineering, SOC Automation, DevOps Engineering, Security Operations, or Infrastructure Security.
Skills and Requirements
Technical Skills (Must Have)
  • SIEM/SOAR Mastery:
    Proven experience architecting and managing enterprise‑grade platforms (e.g., Splunk, Azure Sentinel, or QRadar), with at least 1–2 years specifically focused on Google SecOps (Chronicle).
  • Coding & Scripting:
    Professional experience using Python to automate security workflows or build custom API connectors.
  • Cloud Infrastructure:
    Hands‑on experience managing security within Google Cloud Platform (GCP), including VPC service controls, IAM, and Cloud Logging.
  • Languages:
    Python (Advanced), SQL (BigQuery), YARA/YARA‑L, and Bash.
  • Frameworks: MITRE ATT&CK, NIST Cybersecurity Framework.
  • Tools:
    Git (Version Control), Terraform (Infrastructure as Code), Docker/Kubernetes (Containerization).
  • Data Standards:
    Deep knowledge of JSON, Protobuf, and Regex for log parsing and normalization.
Soft Skills
  • Strong analytical thinking and problem‑solving capability.
  • Excellent communication skills, able to explain technical findings to non‑technical stakeholders.
  • Ability to work independently, manage multiple priorities, and meet deadlines.
  • Attention to detail and a structured, documentation‑driven mindset.
Seniority level

Associate

Employment type

Full‑time

Job function

Information Technology

Industries

IT Services and IT Consulting, IT System Data Services, and IT System Design Services
