Identity Security Consultant

Doha - Qatar

Monthly Salary: Not Disclosed

Posted on: 3 hours ago

Vacancies: 1 Vacancy

Job Summary

We are currently looking Identity Security Consultant our Qatar operations.

Required Experience & Skills

8 years in Identity Security / Security Engineering
Deep handson experience with:
Active Directory security
Microsoft Entra ID security
Conditional Access MFA Identity Protection
Strong PAM / PIM implementation experience
SOClevel understanding of identity attack detection and response
Strong troubleshooting and rootcause analysis skills
Excellent written and verbal communication skills

Core Responsibilities

Own identity security engineering across Active Directory (onprem) and Microsoft Entra ID
Design implement and harden identity security configurations
Act as technical authority for identity threat prevention detection and response
Bridge Identity Engineering and SOC / Incident Response
Mitigate Red team findings
Active Directory Security (OnPrem)
Secure AD DS architecture and configurations
Implement and enforce AD Tiering model (Tier 0 / Tier 1 / Tier 2)
Protect Tier0 assets (Domain Controllers PKI ADFS Entra Connect)
Harden:
Kerberos authentication
NTLM usage and restrictions
Delegation (constrained resourcebased)
GPOs for security baselines
Manage privileged groups and admin separation
Secure trust relationships and forest/domain boundaries
Implement PAW / SAW / hardened admin access patterns
Review and remediate AD attack paths and misconfigurations

Entra ID (Azure AD) Security

Design and enforce Conditional Access policies
Implement strong authentication strategies (MFA passwordless phishingresistant MFA)
Configure and monitor Entra ID Identity Protection
Harden tenant security posture and reduce identity attack surface
Control and monitor:
Legacy authentication
OAuth app permissions and consent
Authentication methods and user flows
Govern roles service principals and app registrations
Secure Entra ID Connect / Cloud Sync architecture

Privileged Access Management (PAM / PIM)

Design and implement leastprivilege access models
Understand and work with Cyberark integrations Sailpoint etc.
Implement and operationalize Entra PIM:
JustInTime role activation
Approval workflows
Role eligibility governance
Access reviews and alerts
Identity Threat & Attack Chain Expertise

Deep understanding of identitybased attacks including:

Credential theft and replay
PasstheHash / PasstheTicket
Kerberoasting / ASREP roasting
DCSync / DCShadow
Golden and Silver Ticket attacks
Privilege escalation and lateral movement
Persistence mechanisms in AD and Entra ID
OAuth token abuse and app consent attacks
MFA fatigue and authentication bypass techniques
Map attacker techniques to prevention detection and remediation controls

SOC Integration & Detection Engineering

Work closely with SOC teams on identityrelated threats
Define and improve identity detection usecases
Ensure logging and visibility for:
Windows Security Event Logs
Entra ID audit and signin logs
Integrate identity telemetry with SIEM / SOAR platforms
Tune alerts to reduce false positives and improve signal quality
Build and maintain identity incident response playbooks
Support investigations of compromised accounts and privilege abuse

Hardening Assessments & Continuous Improvement

Perform AD and Entra ID security posture assessments
Identify configuration drift technical debt and risk exposure
Deliver remediation plans and track closure
Drive continuous identity security improvement initiatives
Align identity security posture with Zero Trust principles

Governance Risk & Compliance

Ensure identity controls meet internal security standards and regulatory requirements
Support audit and risk assessments related to identity and access
Provide evidence documentation and technical justifications
Participate in design and security review boards

Documentation & Knowledge Transfer

Produce clear auditready documentation:
Identity architecture diagrams
Security standards and configuration baselines
SOPs and operational runbooks
Incident response procedures
Provide knowledge transfer and guidance to internal teams

Joining time frame: 2 weeks (maximum 1 month)

Remote Work :

Employment Type :

Full-time

We are currently looking Identity Security Consultant our Qatar operations.Required Experience & Skills8 years in Identity Security / Security EngineeringDeep handson experience with:Active Directory securityMicrosoft Entra ID securityConditional Access MFA Identity ProtectionStrong PAM / PIM impl...

We are currently looking Identity Security Consultant our Qatar operations.

Required Experience & Skills

8 years in Identity Security / Security Engineering
Deep handson experience with:
Active Directory security
Microsoft Entra ID security
Conditional Access MFA Identity Protection
Strong PAM / PIM implementation experience
SOClevel understanding of identity attack detection and response
Strong troubleshooting and rootcause analysis skills
Excellent written and verbal communication skills

Core Responsibilities

Own identity security engineering across Active Directory (onprem) and Microsoft Entra ID
Design implement and harden identity security configurations
Act as technical authority for identity threat prevention detection and response
Bridge Identity Engineering and SOC / Incident Response
Mitigate Red team findings
Active Directory Security (OnPrem)
Secure AD DS architecture and configurations
Implement and enforce AD Tiering model (Tier 0 / Tier 1 / Tier 2)
Protect Tier0 assets (Domain Controllers PKI ADFS Entra Connect)
Harden:
Kerberos authentication
NTLM usage and restrictions
Delegation (constrained resourcebased)
GPOs for security baselines
Manage privileged groups and admin separation
Secure trust relationships and forest/domain boundaries
Implement PAW / SAW / hardened admin access patterns
Review and remediate AD attack paths and misconfigurations

Entra ID (Azure AD) Security

Design and enforce Conditional Access policies
Implement strong authentication strategies (MFA passwordless phishingresistant MFA)
Configure and monitor Entra ID Identity Protection
Harden tenant security posture and reduce identity attack surface
Control and monitor:
Legacy authentication
OAuth app permissions and consent
Authentication methods and user flows
Govern roles service principals and app registrations
Secure Entra ID Connect / Cloud Sync architecture

Privileged Access Management (PAM / PIM)

Design and implement leastprivilege access models
Understand and work with Cyberark integrations Sailpoint etc.
Implement and operationalize Entra PIM:
JustInTime role activation
Approval workflows
Role eligibility governance
Access reviews and alerts
Identity Threat & Attack Chain Expertise

Deep understanding of identitybased attacks including:

Credential theft and replay
PasstheHash / PasstheTicket
Kerberoasting / ASREP roasting
DCSync / DCShadow
Golden and Silver Ticket attacks
Privilege escalation and lateral movement
Persistence mechanisms in AD and Entra ID
OAuth token abuse and app consent attacks
MFA fatigue and authentication bypass techniques
Map attacker techniques to prevention detection and remediation controls

SOC Integration & Detection Engineering

Work closely with SOC teams on identityrelated threats
Define and improve identity detection usecases
Ensure logging and visibility for:
Windows Security Event Logs
Entra ID audit and signin logs
Integrate identity telemetry with SIEM / SOAR platforms
Tune alerts to reduce false positives and improve signal quality
Build and maintain identity incident response playbooks
Support investigations of compromised accounts and privilege abuse

Hardening Assessments & Continuous Improvement

Perform AD and Entra ID security posture assessments
Identify configuration drift technical debt and risk exposure
Deliver remediation plans and track closure
Drive continuous identity security improvement initiatives
Align identity security posture with Zero Trust principles

Governance Risk & Compliance

Ensure identity controls meet internal security standards and regulatory requirements
Support audit and risk assessments related to identity and access
Provide evidence documentation and technical justifications
Participate in design and security review boards

Documentation & Knowledge Transfer

Produce clear auditready documentation:
Identity architecture diagrams
Security standards and configuration baselines
SOPs and operational runbooks
Incident response procedures
Provide knowledge transfer and guidance to internal teams

Joining time frame: 2 weeks (maximum 1 month)

Remote Work :

Employment Type :

Full-time

Key Skills

Apply Now

About Company

VAM Systems

VAM Systems is a Business Consulting, Technology Solutions and Professional Services organization working with major organizations in USA, UAE, Bahrain, India, Singapore and Australia. Delivers leading edge information and communication technology based business solutions to enabl ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click