SecOps Engineer (Blue Team)

AED 30,000 - 40,000 per month, plus benefits

Charterhouse are partnered with a fast-growing tech company in the networking equipment space, that is building its own Network Operating System (NOS) designed to run on white-box switches and routers across on-prem and cloud data-center environments. As the platform scales, they’re looking for a SecOps Engineer / Infrastructure Security Engineer to join the team and help secure the production and development environments.

The SecOps Engineer will be responsible for designing and maintaining security controls and baselines across Linux, macOS, and Windows environments, working closely with software engineers, DevOps, and IT teams. A key part of the role will involve managing and improving identity and access management, including SSO, MFA, LDAP/SAML integrations, and privileged access controls.

The role will focus heavily on securing the software delivery lifecycle, including hardening build servers, containers, and CI/CD pipelines against supply-chain and insider threats. The Engineer will deploy, configure, and tune endpoint security tooling, IDS/IPS, vulnerability management platforms, and SIEM solutions, and actively monitor logs and telemetry using tools such as ELK, Grafana, and SIEM platforms to detect and respond to suspicious activity.

In addition, the SecOps Engineer will lead and document incident response activities, covering triage, containment, root-cause analysis, and remediation, working closely with engineering and infrastructure teams. You will help embed security best practices into daily workflows, contribute to internal security standards, and maintain security documentation, runbooks, and playbooks to support audits and compliance requirements in a growing, engineering-driven environment.

The ideal candidate will have a strong background in defending Linux systems, with solid macOS and Windows knowledge, and proven, hands-on experience owning security in on-prem or hybrid production environments. The role requires direct experience operating IAM, MFA, and SSO solutions, along with a strong understanding of network security concepts including firewalls, VPNs, segmentation, and IDS/IPS in non-cloud-native environments.

Hands-on experience securing on-prem or hybrid infrastructure is essential, including vulnerability scanning, patch management, and endpoint protection across physical and virtual systems. Proficiency in scripting and automation using Bash, Python, or PowerShell is also required.