About the company

We are Qatar Insurance Company (QIC), the leading insurance provider in GCC. With a history dating back to 1964, we have established ourselves as a pioneer in the insurance industry, offering innovative solutions to meet the diverse needs of individuals and businesses.

Our vision is to make QIC group become the first Digital Ecosystem in the region by combining insurance and non-insurance services in one platform. Through our digital platforms, such as qic.online and the QIC app, we empower customers to manage their needs anytime and anywhere.

Our employees have been featured in Forbes 30 under 30, teach at online universities, serve on program committees of major IT conferences, and have previously worked at Yandex, Tinkoff, Avito, Ozon, and other leading tech companies.

About the position

We are looking for a Senior Security Engineer with a focus on cloud security to design, implement, and improve security across our GCP and Kubernetes environments, and to join our Security team.

Responsibilities

Design and implement secure architecture in GCP
Secure and harden Kubernetes clusters (GKE) across network, workloads, and access layers
Build and operate Zero Trust access model based on Zero Trust Architecture
Configure, tune, and maintain WAF solutions (e.g. Cloudflare, Google Cloud Armor, F5)
Identify and remediate cloud and Kubernetes misconfigurations
Implement security logging, monitoring, and detection use cases for cloud-native environments
Lead or support incident response (triage, containment, root cause analysis, post-incident improvements)
Partner with DevOps and Engineering teams to integrate security into infrastructure
Define and enforce security baselines, hardening standards, and guardrails across cloud environments

Requirements

Strong hands-on experience securing Google Cloud Platform (GCP) environments (IAM, least privilege, service accounts, Workload Identity, VPC security, firewalls, egress control, Org Policies, Security Command Center, audit logging, misconfiguration detection)
Solid experience securing Kubernetes (GKE) (cluster hardening, API access, RBAC, network policies, workload isolation, pod security, secrets management, container/image security, runtime monitoring e.g. Falco, policy enforcement with OPA/Kyverno)
Experience with WAF solutions (preferrably F5.) and rule tuning
Practical experience with ZTNA (e.g. Cloudflare Access, Zscaler) and understanding of OAuth2, OIDC, JWT
Strong hands-on experience with Infrastructure as Code (Terraform)
Good understanding of web and API security (OWASP Top 10)
Experience with logging, monitoring, and incident response in cloud environments
Ability to identify and mitigate real-world security risks and attack vectors
Strong problem-solving skills and ability to work independently in a fast-paced environment
Focus on practical, scalable security solutions rather than theoretical or compliance-only approaches
Independence and strong communication skills

We offer

Long-term service agreement contract with QIC with 3 months probation period
We are diverse — our digital nomads work remotely from 25+ different countries
Payment in US dollars monthly to your bank account using SWIFT
Full-time remote, work schedule: 5 days per week, Sunday to Thursday, GMT +3 timezone
Vacation policy: Qatar Holiday Calendar, 20 vacation days, 10 sick offs
Performance reviews are conducted twice a year, with the possibility of a raise
Potential opportunity to apply for a Qatar ID and relocation to Doha, Qatar

Copy link to this opening