Nair Systems is currently looking for an Identity Security Consultant for our Qatar operations.
Required Experience & Skills
· 8+ years in Identity Security / Security Engineering
· Deep hands‑on experience with:
· Active Directory security
· Microsoft Entra ID security
· Conditional Access, MFA, Identity Protection
· Strong PAM / PIM implementation experience
· SOC‑level understanding of identity attack detection and response
· Strong troubleshooting and root‑cause analysis skills
· Excellent written and verbal communication skills
Core Responsibilities
· Own identity security engineering across Active Directory (on‑prem) and Microsoft Entra ID
· Design, implement, and harden identity security configurations
· Act as technical authority for identity threat prevention, detection, and response
· Bridge Identity Engineering and SOC / Incident Response
· Mitigate red team findings
Active Directory Security (On‑Prem)
· Secure AD DS architecture and configurations
· Implement and enforce AD Tiering model (Tier 0 / Tier 1 / Tier 2)
· Protect Tier‑0 assets (Domain Controllers, PKI, ADFS, Entra Connect)
· Harden:
· Kerberos authentication
· NTLM usage and restrictions
· Delegation (constrained, resource‑based)
· GPOs for security baselines
· Manage privileged groups and admin separation
· Secure trust relationships and forest/domain boundaries
· Implement PAW / SAW / hardened admin access patterns
· Review and remediate AD attack paths and misconfigurations
Entra ID (Azure AD) Security
· Design and enforce Conditional Access policies
· Implement strong authentication strategies (MFA, passwordless, phishing‑resistant MFA)
· Configure and monitor Entra ID Identity Protection
· Harden tenant security posture and reduce identity attack surface
· Control and monitor:
· Legacy authentication
· OAuth app permissions and consent
· Authentication methods and user flows
· Govern roles, service principals, and app registrations
· Secure Entra ID Connect / Cloud Sync architecture
Privileged Access Management (PAM / PIM)
· Design and implement least‑privilege access models
· Understand and work with CyberArk integrations, SailPoint, etc.
· Implement and operationalize Entra PIM:
· Just‑In‑Time role activation
· Approval workflows
· Role eligibility governance
· Access reviews and alerts
Identity Threat & Attack Chain Expertise
Deep understanding of identity‑based attacks, including:
· Credential theft and replay
· Pass‑the‑Hash / Pass‑the‑Ticket
· Kerberoasting / AS‑REP roasting
· DCSync / DCShadow
· Golden and Silver Ticket attacks
· Privilege escalation and lateral movement
· Persistence mechanisms in AD and Entra ID
· OAuth token abuse and app consent attacks
· MFA fatigue and authentication bypass techniques
· Map attacker techniques to prevention, detection, and remediation controls
SOC Integration & Detection Engineering
· Work closely with SOC teams on identity‑related threats
· Define and improve identity detection use‑cases
· Ensure logging and visibility for:
· Windows Security Event Logs
· Entra ID audit and sign‑in logs
· Integrate identity telemetry with SIEM / SOAR platforms
· Tune alerts to reduce false positives and improve signal quality
· Build and maintain identity incident response playbooks
· Support investigations of compromised accounts and privilege abuse
Hardening, Assessments & Continuous Improvement
· Perform AD and Entra ID security posture assessments
· Identify configuration drift, technical debt, and risk exposure
· Deliver remediation plans and track closure
· Drive continuous identity security improvement initiatives
· Align identity security posture with Zero Trust principles
Governance, Risk & Compliance
· Ensure identity controls meet internal security standards and regulatory requirements
· Support audit and risk assessments related to identity and access
· Provide evidence, documentation, and technical justifications
· Participate in design and security review boards
Documentation & Knowledge Transfer
· Produce clear, audit‑ready documentation:
· Identity architecture diagrams
· Security standards and configuration baselines
· SOPs and operational runbooks
· Incident response procedures
· Provide knowledge transfer and guidance to internal teams
Should you be interested, please send your resume.