Security Engineer - Cloud & Operations

About the job

About noonWere building an ecosystem of digital products and services that power everyday life across the Middle Eastfast, scalable, and deeply customer-centric. Our mission is to deliver to every door every day. We want to redefine what technology can do in this region, and were looking for a Security Engineer - Cloud & Operations who can help us move even faster.noons mission: Every door, every day.

What you'll do: Team noon has some of the fastest, smartest, and hardest-working people we've encountered. With a young, aggressive, and talented team, we're driving major missions forward. Noon's Group Cybersecurity is looking for a Security Engineer, Cloud & Operations to join our Cloud Security team. This is a hands-on engineering role, you will build cloud-native detections that catch real attacker behavior in GCP, deploy preventive controls at org scale, and investigate the SOC alerts your own detections generate. You write the detection rule, you investigate the alert it fires, and you convert findings into durable controls or tooling that prevents recurrence. We hire engineers who build, not analysts who configure

• Build and maintain cloud detection rules in SIEM and EDR including GCP-specific attack paths, and managing them through sandbox validation, retro hunts, false-positive elimination, and risk-scoring alignment
• Design and deploy preventive WAF and cloud security controls
• Investigate security alerts and incidents from the SOC, determine root cause, support remediation with engineering teams, and reduce noise through systematic detection tuning and exemption strategies.
• Build and maintain internal cloud security tooling, security scanning pipelines, shipping cross-project services that scale across the group.
• Triage and tune EDR alerts, including detection policy adjustments, response workflow automation, playbook contributions, and endpoint investigation support.
• Build incident response automations based on established playbooks, including containment workflows, IR actions and isolation responses.
• Surface cloud security misconfiguration and work with engineering teams on IAM to right-size access without disruption Partner with DevOps, IT, Product Security, and Offensive Security teams to operationalize cloud restrictions, onboard new environments, validate security controls, and provide evidence for compliance and audit requirement

What you'll need

• 2 to 4 years of experience in cloud security, detection engineering, security operations, or software engineering with a security focus.
• Hands-on experience with GCP security fundamentals: IAM, org policies, service accounts, Cloud Storage, Cloud Build, Cloud Run, or equivalent depth on another major cloud provider.