Security Infrastructure Engineer

Role overview

An opportunity is open for a Security Infrastructure Engineer in Doha, Qatar, supporting a client SOC that runs 24x7 protective monitoring services. The position focuses on building and improving the SIEM foundation that helps the security team identify advanced threats across customer IT environments.

The engineer will take ownership of the design, rollout, and tuning of multi-cloud SIEM platforms such as Microsoft Sentinel, Google Chronicle Security Operations, and Splunk. The goal is to keep these systems highly available, efficient, and ready to support advanced detection and SOC monitoring operations.

Position details

Job title: Security Infrastructure Engineer

Experience required: 5–8 years

Job type: Full-time

Location: Doha, Qatar

Salary: Open for discussion

Vacancies: 1

Key responsibilities

• Architect, deploy, and support SIEM platforms at enterprise scale across multi-cloud environments.
• Drive implementation and tuning of Microsoft Sentinel, Google Chronicle Security Operations, and Splunk Enterprise Security.
• Create and maintain detection logic, analytics content, dashboards, and automated response workflows.
• Improve platform performance, reliability, and scalability to support SOC operations.
• Bring in and standardize logs from a wide range of IT and OT sources.
• Track new attack methods and keep detection coverage up to date.
• Work within ITIL-based service practices and security controls aligned to ISO 27001.
• Partner with different teams to strengthen incident response and monitoring capabilities.
• Provide technical direction while working independently with minimal oversight.

Required experience and technical knowledge

• At least 5 years of experience in IT services or a closely related area.
• Minimum 5 years of practical experience with SOC-managed security tools such as Splunk, Google Chronicle, McAfee ESM, Qualys, SOAR platforms, and Darktrace.
• Hands-on expertise in Microsoft Sentinel design, deployment, and administration.
• Strong command of Kusto Query Language (KQL).
• Experience building analytics rules, workbooks, and SOAR playbooks.
• Implementation and operational experience with Google Chronicle Security Operations.
• Knowledge of Universal Data Model (UDM).
• Ability to develop detections using YARA-L.
• Familiarity with Chronicle SOAR.
• Solid administration experience in Splunk Enterprise Security environments.
• Practical exposure to Microsoft Azure and Google Cloud Platform security services.
• Good understanding of log formats generated by security tools and infrastructure systems.
• Familiarity with EDR, NDR, NGFW, IDS/IPS, WAF, antimalware, web/email filtering, and network detection tools such as Darktrace.
• Experience bringing data sources into SIEM platforms.
• Working understanding of ISO 27001 processes and controls.
• Knowledge of regular expressions, query languages, and scripting, preferably Python.
• Experience administering Linux systems.
• Background in network and systems monitoring.

Additional information

This is a full-time position based in Doha, Qatar. The salary is open for discussion. One position is available.

About the employer

The role is being handled by Adecco Middle East for a client in Doha. Adecco Middle East provides recruitment and workforce solutions across permanent hiring, Emiratization, executive search, IT outsourcing, temporary staffing, visa and payrolling, PRO services, onsite support, assessment centers, and global mobility. The Adecco Group is a Fortune Global 500 organization headquartered in Zurich, Switzerland.

Privacy notice

By submitting an application, candidate details will be shared with Adecco for recruitment processing. The company notes that candidate information will be used in line with its privacy information statement.