About the company

We are Qatar Insurance Company (QIC), the leading insurance provider in GCC. With a history dating back to 1964, we have established ourselves as a pioneer in the insurance industry, offering innovative solutions to meet the diverse needs of individuals and businesses.

Our vision is to make QIC group become the first Digital Ecosystem in the region by combining insurance and non-insurance services in one platform. Through our digital platforms, such as qic.online and the QIC app, we empower customers to manage their needs anytime and anywhere.

Our employees have been featured in Forbes 30 under 30, teach at online universities, serve on program committees of major IT conferences, and have previously worked at Yandex, Tinkoff, Avito, Ozon, and other leading tech companies.

About the position

We are looking for a Senior SOC Engineer to strengthen our Security Operations capabilities. In this role, you will help design and improve SOC processes, lead complex incident investigations, and support the development of detection and response capabilities across the organization. You will work closely with security analysts and engineering teams to enhance monitoring, automate response workflows, and continuously improve our security posture.

Responsibilities

Define and continuously improve security processes, procedures, and incident response playbooks
Optimize security event and log collection based on risk and detection relevance
Oversee and improve incident response workflows through post-incident analysis and lessons learned
Collaborate with L1-L2 security team members to expand detection coverage and develop new use cases
Participate in major security incident investigations, providing technical analysis and remediation guidance
Standardize automation and orchestration across SIEM, SOAR, EDR and related tools
Ensure alignment of security operations with security policies and frameworks (ISO 27001, NIST, MITRE ATT&CK)
Review security architecture for cloud and on-prem environments and recommend improvements
Lead investigation and response for high and critical severity incidents
Track remediation actions and ensure closure of identified security gaps

Requirements

5+ years of experience in Information Security as an L2/L3 SOC Analyst/Engineer with strong focus on Incident Response
Strong understanding of the incident lifecycle, detection engineering, and response escalation
Hands-on experience with SIEM/SOAR platforms (e.g., Splunk, Sentinel, Chronicle, QRadar, Wazuh)
Experience conducting security investigations and root cause analysis, as well as documenting those
Understanding of common log sources (network, endpoint, identity, application)
Experience developing detection rules and playbooks (Sigma, KQL, YAML, etc.)
Knowledge of ISO 27001 standards, MITRE ATT&CK and threat intelligence practices
Basic scripting or automation skills (Python or Bash)
Strong documentation, communication, and cross-team collaboration skills

Nice to have:
Knowledge of secure architecture principles (Zero Trust, CIS Benchmarks, NIST, OWASP) is a big advantage
Knowledge of cloud security monitoring (GCP, AWS, Azure) is a plus

We offer

Long-term service agreement contract with QIC with 3 months probation period
We are diverse — our digital nomads work remotely from 25+ different countries
Payment in US dollars monthly to your bank account using SWIFT
Full-time remote, work schedule: 5 days per week, Sunday to Thursday, GMT +3 timezone
Vacation policy: Qatar Holiday Calendar, 20 vacation days, 10 sick offs
Performance reviews are conducted twice a year, with the possibility of a raise
Potential opportunity to apply for a Qatar ID and relocation to Doha, Qatar

Copy link to this opening