Senior Cloud Security Engineer

Position Description

• At East-West Digital / Iberdrola Innovation Middle East, we are scaling our cloud platform and need a highly capable **Senior Cloud Security Engineer** .
• You will not act as a theoretical compliance auditor, but rather as a **hands-on technical authority with cybersecurity in your DNA** .
• By working shoulder-to-shoulder with engineering teams in a true DevSecOps approach, you will ensure our SaaS products on Google Cloud are secure by design, resilient against attacks, and built with robust, automated defenses from conception to deployment.
• **Primary mission** : Secure the design, deployment, and operation of our SaaS products on Google Cloud through hands-on implementation and technical leadership.
• **Key stakeholders** : Software Architects, Cloud Engineers, Development Teams, and Product Managers.
• **Employment type** : Full-time

Jobs To Be Done

• **Technical Leadership & Architecture:** Act as the primary technical authority for cloud security. Partner with software architects to perform Threat Modeling on new SaaS products and embed "Security by Design" principles.
• **Hands-on GCP Implementation:** Design, configure, and maintain the native Google Cloud security stack (Cloud Armor, conditional IAM, VPC Service Controls, Secret Manager, Security Command Center).
• **SaaS & AppSec:** Define and implement robust protections for our SaaS applications, focusing on API security, WAF configurations, DDoS mitigation, and secure multi-tenant isolation.
• **DevSecOps Integration:** Guide and implement security automations and controls within our CI/CD pipelines (SAST, DAST, container/artifact scanning).
• **Validation & Incident Response:** Conduct continuous internal security assessments of our infrastructure and deployed applications, identify vulnerabilities, provide pragmatic remediation strategies, and act as a key responder during security events.

Education Requirements

• Minimum: Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or equivalent deep, verifiable hands-on engineering experience.
• Preferred: Master’s degree in Cybersecurity.
• Licences/Accreditations: Google Cloud Professional Cloud Security Engineer (highly preferred). Other respected technical certifications (e.g., CISSP, CCSP, OSWE) are a plus.

Experience

• Years of experience: 5–7+ years in Cybersecurity, with at least 3+ years of deeply hands-on experience exclusively securing Google Cloud (GCP) environments.
• Domain exposure: Native GCP security stack (IAM, Cloud Armor, VPC Service Controls, SCC), SaaS architecture, web application vulnerabilities, DevSecOps pipelines, and Infrastructure as Code (Terraform).
• Leadership/ownership: Proven track record of technically influencing and guiding senior software architects, and owning the end-to-end security posture of cloud-native, multi-tenant applications.

Skills And Competencies

• Technical:
• **GCP Security Stack** (Cloud Armor, IAM, VPC Service Controls, Secret Manager, SCC) — Must-have
• **AppSec & Web Vulnerabilities** (OWASP Top 10, API Security, WAF configuration) — Must-have
• **Infrastructure as Code** (Terraform for security controls) — Must-have
• **DevSecOps integration** (SAST/DAST within CI/CD pipelines) — Must-have
• **Scripting/Automation** (Python, Go, or Bash) — Nice-to-haveNice-to-have
• Behavioural: Attacker & Builder Mindset (think like a hacker, build like an engineer), Technical Influence (ability to argue technically and gain respect without being a blocker), Pragmatism, and Ownership.
• Tools/Systems: GCP Console/CLI, Terraform, Modern CI/CD systems (GitHub Actions, GitLab CI, etc.), Cloud-native security scanning tools.

Why Us

• Career growth: You will be the guiding light for cloud security at East-West Digital / Iberdrola Innovation ME, shaping the security foundation of new SaaS products from the ground up. We provide continuous learning platforms and sponsor relevant certifications.
• Culture: We have an engineering-first mindset where security is an enabler, not a roadblock. We value undeniable technical arguments over compliance checklists. You will work in an international, highly skilled environment at the QSTP
• Rewards: Competitive tax-free salary in Qatar, comprehensive health benefits, relocation assistance, and modern workplace perks, among others.

Mobility Information

Job Posting End Date