System Security Engineer

Doha, Qatar
Permanent
Full-time

20 days ago
Apply easily

We are seeking a highly skilled System Security Engineer to strengthen our cybersecurity posture across on-premise and hybrid environments. The ideal candidate will have a strong background in Windows infrastructure security, identity and access management, scripting, and compliance frameworks. This role is critical to ensuring the protection, integrity, and resilience of our IT systems, while supporting secure business operations and digital transformation initiatives.Key Responsibilities:

Design, implement, and manage security solutions across Active Directory, ADFS, and Exchange (on-premise and hybrid).

Harden and secure endpoints, infrastructure, and communications systems against evolving cyber threats.

Automate security tasks and perform system audits using PowerShell and other scripting tools.

Manage patching processes using WSUS, SCCM, or third-party tools.

Integrate security logs and data into SIEM platforms and support threat detection/response initiatives.

Collaborate with IT and business units to enforce identity and access management policies including MFA and Zero Trust architectures.

Support compliance efforts aligned with ISO 27001, NIST, and CIS Controls.

Assess and respond to security incidents using frameworks like MITRE ATT&CK.

Continuously evaluate and improve system and application security controls.

RequirementsQualifications:Required:

Bachelor’s degree in Information Security, Computer Engineering, or related field.

One or more of the following certifications:- Microsoft Certified: Security Operations Analyst Associate (MS-SC200)- Microsoft Certified: Identity and Access Administrator Associate (SC-300)- Microsoft Certified Cybersecurity Architect ExpertPreferred:

Master’s degree in Information Security or Computer Engineering

Additional certifications such as:- Systems Security Certified Practitioner (SSCP)- CompTIA Cybersecurity Analyst (CySA+)- Certified Information Systems Security Professional (CISSP)Experience & Knowledge Requirements:

5+ years of experience in Windows infrastructure security (Active Directory, Exchange, endpoint hardening)

In-depth knowledge of:

- Active Directory (LDAP, Kerberos, Group Policy, ADFS)- Exchange security (transport rules, SPF/DMARC/DKIM, hybrid configurations)- Patch management systems (WSUS, SCCM, etc.)

Strong PowerShell scripting capabilities for security automation and audits

Proficient in Zero Trust architecture and multi-factor authentication practices

Understanding of compliance frameworks: ISO 27001, NIST, CIS Controls

Experience integrating with on-premise SIEM solutions

Familiarity with MITRE ATT&CK and advanced threat detection techniques

Solid background in systems, networks, and/or application security

Skills Requirements:

Security architecture and system hardening

Scripting and automation (PowerShell)

Threat detection, SIEM integration, and log analysis

Identity and access management (IAM)

Compliance and regulatory knowledge

Problem-solving and incident response

Strong communication and documentation skills

BAE Systems