Engineer - Cloud Security

About This Role

Job Description We are seeking an experienced Cloud Security Engineer / Analyst to join our Cybersecurity Practice. In this role, you will work closely with our cloud, infrastructure, and security teams to design, implement, and maintain security controls that protect our clients’ cloud environments.

Your responsibilities will include assessing cloud architectures, identifying security risks, implementing security best practices, and continuously monitoring cloud platforms to ensure confidentiality, integrity, and availability of systems and data. You will support secure adoption of cloud services across public, private, and hybrid environments, ensuring compliance with organizational policies, industry standards, and Qatari regulatory requirements.

You will collaborate with cloud architects, DevOps teams, and application teams to embed security controls throughout the cloud lifecycle, including design, deployment, and operations. The role requires hands-on technical expertise, strong analytical skills, and the ability to translate security requirements into practical, scalable cloud security solutions.

Responsibilities

• Cloud Security Architecture and Assessment: Assess cloud architectures and environments across public, private, and hybrid cloud platforms to identify security risks and design appropriate security controls. Conduct security reviews of cloud services, configurations, and deployments, including compute, storage, networking, identity, and platform services. Provide detailed assessment reports with clear, actionable remediation recommendations aligned with industry best practices.
• Cloud Security Governance: Define, implement, and maintain cloud security governance frameworks, including security policies, standards, baselines, and control frameworks aligned with organizational and regulatory requirements. Establish clear roles and responsibilities through RACI models and support the development of cloud security operating procedures to ensure consistent, repeatable, and auditable security practices across cloud environments.
• Security Monitoring and Threat Detection: Implement and support cloud security monitoring solutions to detect misconfigurations, vulnerabilities, and suspicious activities. Analyze security alerts and events, investigate potential incidents, and support timely remediation to maintain the confidentiality, integrity, and availability of cloud environments.
• Identity and Access Management: Review and support secure implementation of identity and access controls, including role-based access control, least privilege, authentication, and authorization mechanisms across cloud platforms and services.
• Cloud Security Compliance: Ensure cloud environments comply with organizational security policies, regulatory requirements, and applicable security standards. Support continuous compliance monitoring and remediation of configuration gaps and policy violations.
• DevSecOps and Automation Support: Collaborate with DevOps and cloud engineering teams to integrate security controls into CI/CD pipelines and infrastructure-as-code workflows. Promote automation to improve security consistency, visibility, and scalability across cloud environments.
• Security Tools and Technologies: Evaluate, implement, and manage Cloud-Native Application Protection Platform (CNAPP) solutions to enhance cloud security posture, visibility, and threat detection. This includes third-party platforms such as Palo Alto Prisma Cloud as well as native cloud security solutions such as Microsoft Defender, covering posture management, workload protection, identity security, and runtime threat detection.
• Documentation and Reporting: Create and maintain comprehensive documentation related to cloud security architectures, assessments, controls, and operational procedures. Prepare security reports and dashboards for internal stakeholders and clients as required.
• Training and Awareness: Support security awareness initiatives by providing guidance and knowledge-sharing sessions to cloud, infrastructure, and development teams on secure cloud practices and emerging cloud security threats.

Qualifications

• Education: Bachelor’s / college degree in Computer Science, Information Security, or a related field.
• Experience: At least 2 years of experience in cloud security, cloud infrastructure, cybersecurity operations, or a closely related role.
• Certifications:

Relevant professional certifications are highly desirable. These may include but are not limited to: o Oracle Cloud Infrastructure Security Professional (highly desirable) o Microsoft Azure Security Engineer Associate (AZ-500) (highly desirable) o Other Cloud Service Providers (AWS, GCP, etc.) o Vendor agnostic cloud security (CSA, GIAC, etc.). o General cybersecurity (CompTIA, ISC2, etc.).

• Technical Skills:

Proficiency with cloud security and monitoring tools such as Microsoft Defender for Cloud, Azure Policy, Entra ID, and OCI Cloud Guard, including hands-on experience with IAM configuration, network security controls (NSGs/route controls/security lists), encryption & key management (Azure Key Vault / OCI Vault), and logging/monitoring (Azure Monitor/Log Analytics, OCI Logging). Familiarity with Infrastructure as Code (IaC) (e.g., Terraform, ARM/Bicep) and integrating security checks into automation and deployment workflows is preferred.

• Knowledge:

In-depth knowledge of cloud security principles and practices, including shared responsibility, identity governance, segmentation, hardening, vulnerability management, and incident response in cloud environments. Familiar with security frameworks and guidelines (e.g., CIS Benchmarks, NIST, ISO 27001, CSA Cloud Controls Matrix) and general compliance/security governance concepts. Familiarity with DevSecOps practices and CI/CD pipelines, Qatar National Information Assurance (NIA) is a plus.

About Malomatia ABOUT US malomatia is a leading Qatar-based IT services and solutions provider, bringing together top Qatari and international talent to deliver innovative, end-to-end technology solutions that empower clients to achieve their strategic goals.

Our mission Empowering Qatar’s businesses and governments to leap into the digital future with agile, knowledge-driven solutions.

Our vision To become Qatar’s trusted knowledge partner in digital transformation, disrupting industries, shaping the future, and building a world-class tech ecosystem.

Driving change that makes a real impact Since 2008, malomatia has been driving Qatar’s digital transformation through innovative, ISO-certified IT solutions. With expertise across key public and private sectors, we empower the nation’s vision with advanced services in cloud, cybersecurity, AI, and contact center excellence, elevating the role of technology in shaping Qatar’s sustainable future.

About The Team Established in 2008, malomatia is a Qatari leader in IT services and digital transformation. We serve key sectors including Government, Healthcare, Education, Customs, and Transportation, delivering impactful solutions that support national development goals. Powered by a diverse team of skilled Qatari and international IT professionals, we deliver innovative, high-value digital solutions tailored to the unique needs of our clients.

Our mission is to inspire customers to thrive through digital excellence, and we envision becoming the trusted partner of choice in building a smarter society through technology and talent. We are driven by core values that define our culture and approach: ownership, integrity, empathy, teamwork, transparency, agility, excellence, trust, and innovation.

Join us in shaping the future of technology in Qatar