Identity Security Consultant

  • Full-time

Job Description

We are currently looking for an Identity Security Consultant for our Qatar operations.

Required Experience & Skills

  • 8+ years in Identity Security / Security Engineering
  • Deep hands‑on experience with:
    • Active Directory security
    • Microsoft Entra ID security
    • Conditional Access, MFA, Identity Protection
  • Strong PAM / PIM implementation experience
  • SOC‑level understanding of identity attack detection and response
  • Strong troubleshooting and root‑cause analysis skills
  • Excellent written and verbal communication skills

Core Responsibilities

  • Own identity security engineering across Active Directory (on‑prem) and Microsoft Entra ID
  • Design, implement, and harden identity security configurations
  • Act as technical authority for identity threat prevention, detection, and response
  • Bridge Identity Engineering and SOC / Incident Response
  • Mitigate red team findings

Active Directory Security (On‑Prem)

  • Secure AD DS architecture and configurations
  • Implement and enforce AD Tiering model (Tier 0 / Tier 1 / Tier 2)
  • Protect Tier‑0 assets (Domain Controllers, PKI, ADFS, Entra Connect)
  • Harden:
    • Kerberos authentication
    • NTLM usage and restrictions
    • Delegation (constrained, resource‑based)
    • GPOs for security baselines
  • Manage privileged groups and admin separation
  • Secure trust relationships and forest/domain boundaries
  • Implement PAW / SAW / hardened admin access patterns
  • Review and remediate AD attack paths and misconfigurations

Entra ID (Azure AD) Security

  • Design and enforce Conditional Access policies
  • Implement strong authentication strategies (MFA, passwordless, phishing‑resistant MFA)
  • Configure and monitor Entra ID Identity Protection
  • Harden tenant security posture and reduce identity attack surface
  • Control and monitor:
    • Legacy authentication
    • OAuth app permissions and consent
    • Authentication methods and user flows
  • Govern roles, service principals, and app registrations
  • Secure Entra ID Connect / Cloud Sync architecture

Privileged Access Management (PAM / PIM)

  • Design and implement least‑privilege access models
  • Understand and work with CyberArk integrations, SailPoint, etc.
  • Implement and operationalize Entra PIM:
    • Just‑In‑Time role activation
    • Approval workflows
    • Role eligibility governance
    • Access reviews and alerts

Identity Threat & Attack Chain Expertise

Deep understanding of identity‑based attacks, including:

  • Credential theft and replay
  • Pass‑the‑Hash / Pass‑the‑Ticket
  • Kerberoasting / AS‑REP roasting
  • DCSync / DCShadow
  • Golden and Silver Ticket attacks
  • Privilege escalation and lateral movement
  • Persistence mechanisms in AD and Entra ID
  • OAuth token abuse and app consent attacks
  • MFA fatigue and authentication bypass techniques
  • Map attacker techniques to prevention, detection, and remediation controls

SOC Integration & Detection Engineering

  • Work closely with SOC teams on identity‑related threats
  • Define and improve identity detection use‑cases
  • Ensure logging and visibility for:
    • Windows Security Event Logs
    • Entra ID audit and sign‑in logs
  • Integrate identity telemetry with SIEM / SOAR platforms
  • Tune alerts to reduce false positives and improve signal quality
  • Build and maintain identity incident response playbooks
  • Support investigations of compromised accounts and privilege abuse

Hardening, Assessments & Continuous Improvement

  • Perform AD and Entra ID security posture assessments
  • Identify configuration drift, technical debt, and risk exposure
  • Deliver remediation plans and track closure
  • Drive continuous identity security improvement initiatives
  • Align identity security posture with Zero Trust principles

Governance, Risk & Compliance

  • Ensure identity controls meet internal security standards and regulatory requirements
  • Support audit and risk assessments related to identity and access
  • Provide evidence, documentation, and technical justifications
  • Participate in design and security review boards

Documentation & Knowledge Transfer

  • Produce clear, audit‑ready documentation:
    • Identity architecture diagrams
    • Security standards and configuration baselines
    • SOPs and operational runbooks
    • Incident response procedures
  • Provide knowledge transfer and guidance to internal teams

Joining time frame: 2 weeks (maximum 1 month)