Qureos

FIND_THE_RIGHTJOB.

Senior Systems Engineer

Doha, Qatar

Key Accountabilities:

Role Purpose: The Senior Systems Engineer plays a critical role in ensuring the smooth operation, security, and scalability of the organization's IT infrastructure. This position encompasses administration and optimization of Active Directory (AD) and cloud environments, Office 365 applications, storage, and backup systems, as well as active collaboration with Information Security teams to support endpoint detection and response (EDR/XDR), Security Information and Event Management (SIEM), and Security Orchestration, Automation, and Response (SOAR) platforms. This role is also responsible for compliance, audit readiness, system monitoring, reporting, and user account management, ensuring alignment with organizational goals and regulatory requirements.

Duties and Responsibilities:

  • Active Directory (AD) Strategy & Management
    a. Lead the design, optimization, and high-availability management of Active Directory (on-premises, cloud, and hybrid environments), ensuring scalability, security, and operational efficiency.
    b. Establish and enforce security best practices for AD, including privileged access management, delegation models, and role-based access control (RBAC).
    c. Oversee AD health monitoring, troubleshoot complex directory service issues, and implement proactive automation for maintenance.
    d. Define policies and standards for DNS, domain controllers, and replication strategies to ensure a resilient directory infrastructure.
  • Office 365 Enterprise Administration
    a. Drive the enterprise administration of Office 365, ensuring optimal configuration, performance, and security across Exchange Online, SharePoint Online, Teams, OneDrive, and other services.
    b. Implement and oversee security controls, including Multi-Factor Authentication (MFA), Data Loss Prevention (DLP), Advanced Threat Protection (ATP), and compliance policies.
    c. Develop long-term strategies for Office 365 adoption, user training, and governance to align with business needs and IT security frameworks.
  • Enterprise Storage & Backup Architecture
    a. Architect and manage scalable storage solutions, ensuring data integrity, high availability, and disaster recovery readiness.
    b. Define enterprise-wide backup strategies, including regular recovery testing and automated failover mechanisms.
    c. Conduct capacity planning and risk assessments to optimize storage investments and mitigate potential data loss scenarios.
  • Security & Threat Mitigation Collaboration
    a. Partner with the Information Security team to develop and enforce security policies, ensuring compliance with cybersecurity frameworks.
    b. Integrate security tools such as Endpoint Detection and Response (EDR/XDR), Security Information and Event Management (SIEM), and Security Orchestration, Automation, and Response (SOAR) into system management workflows.
    c. Implement proactive security hardening measures and monitor emerging threats to protect organizational assets.
  • Advanced Threat Intelligence & Penetration Testing Support- Collaboration

Partner with the Information Security team to/for:
a. Integration and utilization of threat intelligence platforms (e.g., Microsoft Sentinel, CrowdStrike Falcon X, Fortinet FortiSIEM) for proactive security insights.
b. Establish a structured approach to penetration testing coordination, ensuring vulnerabilities identified via tools like Tenable Nessus and Qualys Web Application Scanning are promptly addressed.
c. Maintain documentation of security assessments, findings, and remediation strategies to support risk management objectives.

  • Compliance & Audit Leadership
    a. Lead IT compliance initiatives, ensuring that infrastructure aligns with standards such as Qatar Cybersecurity Framework, GDPR, and ISO 27001.
    b. Collaborate with auditors to provide detailed system architecture reviews, compliance reports, and incident response documentation.
    c. Develop and execute remediation plans to address vulnerabilities or non-compliance findings.
  • Enterprise Monitoring & Strategic Reporting
    a. Implement and manage enterprise monitoring platforms (e.g., Quest, ManageEngine) to ensure real-time visibility into system performance, security threats, and compliance adherence.
    b. Generate executive-level dashboards and analytical reports to track IT infrastructure health, security incidents, and operational efficiency.
    c. Utilize trend analysis to drive continuous improvement initiatives in system resilience, security posture, and performance optimization.
  • Technical Leadership & Mentorship
    a. Provide Tier 3+ escalation support for complex system-related issues, engaging directly with vendors and senior IT staff to drive resolution.
    b. Lead training programs and knowledge-sharing initiatives to enhance the expertise of IT teams and end-users.
    c. Develop and maintain best practice documentation for system configurations, troubleshooting procedures, and incident response.
  • Strategic Project Leadership
    a. Take ownership of major IT infrastructure projects, including cloud migrations, system consolidations, and security enhancements.
    b. Drive research and implementation of emerging technologies to enhance organizational efficiency, security, and scalability.
    c. Define and enforce best practices for Identity and Access Management (IAM) in Azure Active Directory and other enterprise platforms.
    d. Lead encryption and backup strategy development for hybrid cloud environments.
  • Compliance & Risk Management Advocacy
    a. Act as a key advisor in regulatory compliance efforts, providing expert guidance on industry best practices and emerging threats.
    b. Develop structured approaches for gathering audit evidence and implementing corrective action plans.
    c. Maintain up-to-date documentation on compliance frameworks and IT risk management protocols.
  • Cybersecurity Awareness & Training Programs
    a. Lead the development and execution of cybersecurity awareness campaigns, ensuring employees are educated on best practices.
    b. Oversee phishing simulation programs and track user engagement metrics to enhance organizational resilience against social engineering attacks.
    c. Advocate for strong password management, secure internet usage, and data protection across all user levels.

Qualifications/Requirements:
  • Active Directory & Identity Management
    • Advanced knowledge of Active Directory (on-prem, cloud, and hybrid) architecture, including domain controllers, forests, trusts, replication, and DNS configurations.
    • Expertise in Group Policy management, Organizational Units (OUs), and Role-Based Access Control (RBAC).
    • Strong understanding of Azure Active Directory (Azure AD), including Conditional Access, Privileged Identity Management (PIM), and Single Sign-On (SSO) integration.
    • Knowledge of Identity and Access Management (IAM) frameworks, authentication protocols (LDAP, Kerberos, SAML, OAuth, OpenID Connect), and Zero Trust security models.
  • Office 365 & Cloud Services
    • Deep understanding of Microsoft 365 administration, including Exchange Online, SharePoint Online, Teams, and OneDrive.
    • Expertise in configuring security features such as Multi-Factor Authentication (MFA), Data Loss Prevention (DLP), email filtering, and Intune for endpoint management.
    • Familiarity with hybrid cloud environments, including Microsoft Entra ID, Microsoft Defender for Office 365, and Azure Virtual Desktop.

  • Storage & Backup Management
    • Strong knowledge of enterprise storage solutions (SAN, NAS, RAID) and backup technologies (Veeam, CommVault, Azure Backup, or equivalent).
    • Experience in disaster recovery planning, business continuity strategies, and high-availability architectures.
    • Understanding of cloud storage solutions, including Azure Blob Storage, AWS S3, and OneDrive for Business.
  • Security, Compliance & Threat Management
    • Knowledge of Endpoint Detection & Response (EDR), Extended Detection & Response (XDR), and Security Information & Event Management (SIEM) tools (Microsoft Sentinel, Fortinet FortiSIEM, Splunk, etc.).
    • Awareness of Security Orchestration, Automation, and Response (SOAR) solutions and how they integrate into IT operations.
    • Familiarity with cybersecurity frameworks and regulations such as NIST, ISO 27001, GDPR, and Qatar Cybersecurity Framework.
    • Understanding of penetration testing tools and vulnerability scanning solutions (Tenable Nessus, Qualys, CrowdStrike Falcon, etc.).
  • Infrastructure & Networking
    • Strong knowledge of Windows Server administration, virtualization technologies (VMware, Hyper-V), and cloud-hosted infrastructure (Azure, AWS).
    • Understanding of networking fundamentals, including TCP/IP, VLANs, firewalls, VPNs, and load balancing.
    • Experience with enterprise monitoring tools (ManageEngine, Quest, PRTG, or equivalent).
  • Project & IT Service Management
    • Experience in leading IT infrastructure projects, including cloud migrations, system upgrades, and security enhancements.
    • Familiarity with IT service management (ITSM) frameworks such as ITIL, including incident, problem, and change management processes.
    • Ability to develop reports, dashboards, and KPIs for performance monitoring and compliance tracking.
  • User Support & Training
    • Strong troubleshooting skills for complex system and security issues.
    • Experience in developing and delivering user training on IT security best practices, system usage, and incident response procedures.

  • Bachelor's degree (or diploma) in computer science, information technology, cybersecurity, or a related field; advanced degree (such as Masters) is preferred.
  • Certifications are desirable- examples of certifications are:

Note: The candidate is NOT expected to have these certifications. They are provided as a reference to help candidates understand the key certification categories relevant to this role.

Core Infrastructure & Systems Administration

  • Microsoft Certified: Azure Solutions Architect Expert – Demonstrates expertise in designing and implementing Azure solutions.
  • Microsoft Certified: Windows Server Hybrid Administrator Associate – Covers advanced Windows Server management in hybrid environments.
  • VMware Certified Professional – Data Center Virtualization (VCP-DCV) – Validates skills in virtualization and cloud infrastructure.

Security & Compliance

  • Certified Information Systems Security Professional (CISSP) – Essential for security leadership and risk management.
  • Microsoft Certified: Cybersecurity Architect Expert – Demonstrates expertise in securing Microsoft cloud and hybrid environments.
  • Certified Ethical Hacker (CEH) – Useful for understanding penetration testing and vulnerability assessments.

Cloud & Identity Management

  • Microsoft Certified: Identity and Access Administrator Associate – Focuses on Azure AD, IAM, and security controls.
  • AWS Certified Solutions Architect – Associate – Ideal for engineers working in multi-cloud environments.
  • Google Professional Cloud Architect – Recommended for organizations using Google Cloud.

IT Service & Project Management

  • ITIL 4 Foundation – Covers best practices for IT service management.
  • Project Management Professional (PMP)® – Beneficial for managing IT projects effectively.

© 2025 Qureos. All rights reserved.