Security Infrastructure Engineer

Security Infrastructure Engineer (Freelance) - Permanent - Doha

At RELYzIT Talent, we don’t recruit — we build

.We unite the top 2% of builders — engineers, architects, creators — into a movement across Europe and the GCC

.Vetted through our VECTOR7™ Signal Stack, you’re not just hired, you’re chosen

.This is more than work. This is where builders build the future

.
About the Ro

leOur client is seeking a Security Infrastructure Engineer to architect, automate, and optimize next-generation security operations. This freelance opportunity in Doha is your chance to drive impact at scale, shaping the security backbone for a leading-edge organization. You’ll be at the heart of a mission that matters: enabling secure, resilient digital transformation across cloud and on-prem environment

s.
Why This Role Matt

ersSecurity is the foundation of trust in a digital world. As a Security Infrastructure Engineer, you will ensure that our client’s security operations are robust, automated, and future-proof. Your work will directly reduce risk, accelerate incident response, and empower the SOC to stay ahead of global threats. The stakes are high — your expertise will be the difference between reactive firefighting and proactive defen

se.
Key Responsibili

• tiesArchitect and maintain telemetry ingestion pipelines from multi-cloud (GCP, AWS, Azure) and on-premises environments using Bind Plane Forwarders, Cloud-to-Cloud connectors, and Webho
• oks.Design, build, and troubleshoot custom parsers to normalize non-standard log sources into the Unified Data Model (U
• DM).Develop dashboards to monitor data ingestion rates, latency, and drops, ensuring high-quality, actionable SIEM d
• ata.Design and code automated incident response playbooks in Google SOAR using Python and visual build
• ers.Engineer and maintain API integrations between Google SOAR and third-party tools (Firewalls, EDR, IAM, Ticketing syste
• ms).Automate manual SOC tasks such as artifact enrichment, evidence gathering, and initial containment acti
• ons.Configure SOAR case management, including custom fields, stages, and SLA tracking to fit SOC operati
• ons.Monitor system health to ensure data integrity and low latency across the security platf
• orm.Manage Role-Based Access Control (RBAC) for sensitive data acc
• ess.Integrate and manage threat intelligence feeds (Mandiant, Virus Total, etc.) to keep detections curr
• ent.Collaborate with Tier 1 and Tier 2 analysts to tune YARA-L rules and reduce alert no
• ise.Interview incident responders to translate manual workflows into automated SOAR playbo
• oks.Lead knowledge transfer sessions on UDM Search and Google SecOps to accelerate investigati
• ons.Work with cloud architects to ensure seamless export of logs to Google SecOps via Cloud Logging and Pub/
• Sub.Coordinate with IT Infrastructure teams for agent deployment and maintenance on servers and
• VMs.Troubleshoot connectivity and firewall issues with network engineers to ensure uninterrupted telemetry f

low.
Technical S

• killsProven experience architecting and managing enterprise-grade SIEM/SOAR platforms (Splunk, Azure Sentinel, QRadar), with at least 1–2 years focused on Google SecOps (Chroni
• cle).Advanced Python programming for automation and custom API connector develop
• ment.Hands-on experience with Google Cloud Platform (GCP) security, including VPC service controls, IAM, and Cloud Log
• ging.Proficiency in Python (Advanced), SQL (BigQuery), YARA/YARA-L, and Bash scrip
• ting.Familiarity with MITRE ATT&CK and NIST Cybersecurity Framew
• orks.Experience with Git (Version Control), Terraform (Infrastructure as Code), Docker/Kubernetes (Containerizat
• ion).Deep knowledge of JSON, Protobuf, and Regex for log parsing and normaliza

tion.
What We’re Looki

• ng ForBachelor’s degree in Computer Science, IT, Cybersecurity, or equiv
• alent.SIEM Certification (Google SecOps, Splunk, Azure Sentinel) req
• uired.Security certifications such as Security+, CySA+, CEH, CISSP, or GCIH are pref
• erred.3–5 years of hands-on experience in Security Engineering, SOC Automation, DevOps, Security Operations, or Infrastructure Sec
• urity.More than 2 years of professional experience in SOAR, Splunk, and SIEM environ
• ments.Strong analytical thinking and problem-solving s
• kills.Excellent communication skills, able to explain technical findings to non-technical stakeho
• lders.Ability to work independently, manage multiple priorities, and meet dead
• lines.Attention to detail and a structured, documentation-driven mi
• ndset.Ability to start immedi
• ately.Willingness to commute as required for the role in

Doha.Language Profi

• ciencyProfessional proficiency in English is req
• uired.Additional language skills are a