About the company
We are Qatar Insurance Company (QIC), the leading insurance provider in GCC. With a history dating back to 1964, we have established ourselves as a pioneer in the insurance industry, offering innovative solutions to meet the diverse needs of individuals and businesses.
Our vision is to make QIC group become the first Digital Ecosystem in the region by combining insurance and non-insurance services in one platform. Through our digital platforms, such as qic.online and the QIC app, we empower customers to manage their needs anytime and anywhere.
Our employees have been featured in Forbes 30 under 30, teach at online universities, serve on program committees of major IT conferences, and have previously worked at Yandex, Tinkoff, Avito, Ozon, and other leading tech companies.
About the position
We are looking for a Senior SOC Engineer to strengthen our Security Operations capabilities. In this role, you will help design and improve SOC processes, lead complex incident investigations, and support the development of detection and response capabilities across the organization. You will work closely with security analysts and engineering teams to enhance monitoring, automate response workflows, and continuously improve our security posture.
Responsibilities
- Define and continuously improve security processes, procedures, and incident response playbooks
- Optimize security event and log collection based on risk and detection relevance
- Oversee and improve incident response workflows through post-incident analysis and lessons learned
- Collaborate with L1-L2 security team members to expand detection coverage and develop new use cases
- Participate in major security incident investigations, providing technical analysis and remediation guidance
- Standardize automation and orchestration across SIEM, SOAR, EDR and related tools
- Ensure alignment of security operations with security policies and frameworks (ISO 27001, NIST, MITRE ATT&CK)
- Review security architecture for cloud and on-prem environments and recommend improvements
- Lead investigation and response for high and critical severity incidents
- Track remediation actions and ensure closure of identified security gaps
Requirements
- 5+ years of experience in Information Security as an L2/L3 SOC Analyst/Engineer with strong focus on Incident Response
- Strong understanding of the incident lifecycle, detection engineering, and response escalation
- Hands-on experience with SIEM/SOAR platforms (e.g., Splunk, Sentinel, Chronicle, QRadar, Wazuh)
- Experience conducting security investigations and root cause analysis, as well as documenting those
- Understanding of common log sources (network, endpoint, identity, application)
- Experience developing detection rules and playbooks (Sigma, KQL, YAML, etc.)
- Knowledge of ISO 27001 standards, MITRE ATT&CK and threat intelligence practices
- Basic scripting or automation skills (Python or Bash)
- Strong documentation, communication, and cross-team collaboration skills
Nice to have: - Knowledge of secure architecture principles (Zero Trust, CIS Benchmarks, NIST, OWASP) is a big advantage
- Knowledge of cloud security monitoring (GCP, AWS, Azure) is a plus
We offer
- Long-term service agreement contract with QIC with 3 months probation period
- We are diverse — our digital nomads work remotely from 25+ different countries
- Payment in US dollars monthly to your bank account using SWIFT
- Full-time remote, work schedule: 5 days per week, Sunday to Thursday, GMT +3 timezone
- Vacation policy: Qatar Holiday Calendar, 20 vacation days, 10 sick offs
- Performance reviews are conducted twice a year, with the possibility of a raise
- Potential opportunity to apply for a Qatar ID and relocation to Doha, Qatar