Nair Systems is currently looking for an Identity Security Consultant for our Qatar operations.

Required Experience & Skills
· 8+ years in Identity Security / Security Engineering
· Deep hands-on experience with:
    · Active Directory security
    · Microsoft Entra ID security
    · Conditional Access, MFA, Identity Protection
· Strong PAM / PIM implementation experience
· SOC-level understanding of identity attack detection and response
· Strong troubleshooting and root-cause analysis skills
· Excellent written and verbal communication skills

Core Responsibilities
· Own identity security engineering across Active Directory (on-prem) and Microsoft Entra ID
· Design, implement, and harden identity security configurations
· Act as technical authority for identity threat prevention, detection, and response
· Bridge Identity Engineering and SOC / Incident Response
· Mitigate Red team findings

Active Directory Security (On-Prem)
· Secure AD DS architecture and configurations
· Implement and enforce AD Tiering model (Tier 0 / Tier 1 / Tier 2)
· Protect Tier-0 assets (Domain Controllers, PKI, ADFS, Entra Connect)
· Harden:
    · Kerberos authentication
    · NTLM usage and restrictions
    · Delegation (constrained, resource-based)
    · GPOs for security baselines
· Manage privileged groups and admin separation
· Secure trust relationships and forest/domain boundaries
· Implement PAW / SAW / hardened admin access patterns
· Review and remediate AD attack paths and misconfigurations

Entra ID (Azure AD) Security
· Design and enforce Conditional Access policies
· Implement strong authentication strategies (MFA, passwordless, phishing-resistant MFA)
· Configure and monitor Entra ID Identity Protection
· Harden tenant security posture and reduce identity attack surface
· Control and monitor:
    · Legacy authentication
    · OAuth app permissions and consent
    · Authentication methods and user flows
· Govern roles, service principals, and app registrations
· Secure Entra ID Connect / Cloud Sync architecture

Privileged Access Management (PAM / PIM)
· Design and implement least-privilege access models
· Understand and work with CyberArk integrations, SailPoint etc.
· Implement and operationalize Entra PIM:
    · Just-In-Time role activation
    · Approval workflows
    · Role eligibility governance
    · Access reviews and alerts

Identity Threat & Attack Chain Expertise
Deep understanding of identity-based attacks, including:
    · Credential theft and replay
    · Pass-the-Hash / Pass-the-Ticket
    · Kerberoasting / AS-REP roasting
    · DCSync / DCShadow
    · Golden and Silver Ticket attacks
    · Privilege escalation and lateral movement
    · Persistence mechanisms in AD and Entra ID
    · OAuth token abuse and app consent attacks
    · MFA fatigue and authentication bypass techniques
· Map attacker techniques to prevention, detection, and remediation controls

SOC Integration & Detection Engineering
· Work closely with SOC teams on identity-related threats
· Define and improve identity detection use-cases
· Ensure logging and visibility for:
    · Windows Security Event Logs
    · Entra ID audit and sign-in logs
· Integrate identity telemetry with SIEM / SOAR platforms
· Tune alerts to reduce false positives and improve signal quality
· Build and maintain identity incident response playbooks
· Support investigations of compromised accounts and privilege abuse

Hardening, Assessments & Continuous Improvement
· Perform AD and Entra ID security posture assessments
· Identify configuration drift, technical debt, and risk exposure
· Deliver remediation plans and track closure
· Drive continuous identity security improvement initiatives
· Align identity security posture with Zero Trust principles

Governance, Risk & Compliance
· Ensure identity controls meet internal security standards and regulatory requirements
· Support audit and risk assessments related to identity and access
· Provide evidence, documentation, and technical justifications
· Participate in design and security review boards

Documentation & Knowledge Transfer
· Produce clear, audit-ready documentation:
    · Identity architecture diagrams
    · Security standards and configuration baselines
    · SOPs and operational runbooks
    · Incident response procedures
· Provide knowledge transfer and guidance to internal teams