Security Engineer (Cloud Security)

We are looking for a Senior Security Engineer with a focus on cloud security to design, implement, and improve security across our GCP and Kubernetes environments, and to join our Security team.

Responsibilities

• Design and implement secure architecture in GCP

• Secure and harden Kubernetes clusters (GKE) across network, workloads, and access layers

• Build and operate Zero Trust access model based on Zero Trust Architecture

• Configure, tune, and maintain WAF solutions (e.g. Cloudflare, Google Cloud Armor, F5)

• Identify and remediate cloud and Kubernetes misconfigurations

• Implement security logging, monitoring, and detection use cases for cloud-native environments

• Lead or support incident response (triage, containment, root cause analysis, post-incident improvements)

• Partner with DevOps and Engineering teams to integrate security into infrastructure

• Define and enforce security baselines, hardening standards, and guardrails across cloud environments

Requirements

• Strong hands-on experience securing Google Cloud Platform (GCP) environments (IAM, least privilege, service accounts, Workload Identity, VPC security, firewalls, egress control, Org Policies, Security Command Center, audit logging, misconfiguration detection)

• Solid experience securing Kubernetes (GKE) (cluster hardening, API access, RBAC, network policies, workload isolation, pod security, secrets management, container/image security, runtime monitoring e.g. Falco, policy enforcement with OPA/Kyverno)

• Experience with WAF solutions (preferrably F5.) and rule tuning

• Practical experience with ZTNA (e.g. Cloudflare Access, Zscaler) and understanding of OAuth2, OIDC, JWT

• Strong hands-on experience with Infrastructure as Code (Terraform)

• Good understanding of web and API security (OWASP Top 10)

• Experience with logging, monitoring, and incident response in cloud environments

• Ability to identify and mitigate real-world security risks and attack vectors

• Strong problem-solving skills and ability to work independently in a fast-paced environment

• Focus on practical, scalable security solutions rather than theoretical or compliance-only approaches

• Independence and strong communication skills

We offer

• Long-term service agreement contract with QIC with 3 months probation period

• We are diverse — our digital nomads work remotely from 25+ different countries

• Payment in US dollars monthly to your bank account using SWIFT

• Full-time remote, work schedule: 5 days per week, Sunday to Thursday, GMT +3 timezone

• Vacation policy: Qatar Holiday Calendar, 20 vacation days, 10 sick offs

• Performance reviews are conducted twice a year, with the possibility of a raise

• Potential opportunity to apply for a Qatar ID and relocation to Doha, Qatar