IAM PIM / PAM solutions lead engineer
Main Job Purpose:
Evaluate, architect and implement Hybrid IAM PIM/PAM solutions in a large scope environment covering Cloud-based & On-premises business solutions and applications to mitigate risks and protect corporate assets from external attacks.
Conduct security & risk assessment of new/existing Hybrid IAM PIM/PAM solutions, identify risks, propose proper mitigations, guide and collaborate with different stakeholders, teams and business functions to apply those mitigations and improve security posture.
Objectives:
Architect, evaluate and improve Hybrid IAM & access control solutions.
Participate in new IAM PIM/PAM projects and recommend best practices.
Improve security posture of apps/systems by implementing PIM/PAM solutions.
Assess and mitigate identity risks associated with business solutions and applications.
Improve data & application security based on regular risk assessment.
Communicate with stakeholders to build secure IAM architecture & mitigate risks.
Prepare proposals of new projects and engage with external vendors & IAM vendors.
Accountabilities:
Evaluate, architect, and implement Hybrid IAM & Access Control solutions covering multiple business applications/solutions in a hybrid environment.
Evaluate, architect, and implement Single-Sign-On (SSO) Solutions, MFA solutions, identity protection in a Hybrid large scope environment.
Assess and recommend secure authentication and authorization protocols and standards like LDAP, NTLM, Kerberos, SAML 2.0, OIDC, OAuth2.0.
Evaluate & ensure IAAA model including Identification, authentication, authorization, and auditing, B2B/B2C, Guest Access management are enforced within IAM Solutions.
Assess & ensure security principles like SoD, RBAC, SCIM, Least Privileges, need to know, Zero Trust access architectural principles are enforced through IAM Solutions.
Perform design and deployment of Identity governance, lifecycle management, provisioning and deprovisioning methodologies.
Evaluate, configure, and implement security solutions including Policy Management, Web Access Management, Session Management.
Participate in design and deployment of Key Vault, Secret Management systems like Azure Key Vault, HSM, PKI, Trusted Certificate Authorities.
Create and maintain architecture diagrams and documentation for Hybrid IAM Solution including Cloud & on-premises systems.
Engage with a variety of internal, external stakeholders and different business functions to implement access levels for new systems.
Working Environment:
The position follows the normal working environment of the organization.
Indoor: This position is mainly indoor.
Outdoor: Based on business needs.
Competencies & Skills
Teamwork skills.
Communication skills.
Learning ability.
Growth mindset
Positive Attitude & Culture
Organizational skills.
Responsibility & Ownership
High Quality of work
Active listening skills.
Improvement initiatives
Stakeholder management
English Language proficiency
Job Requirements
Education:
Computer Engineering, Communication Engineering, Computer Science, or an equivalent academic graduation degree.
Cloud certification is preferred like Azure AD Identity & Access Administrator (SC-300), Azure Security Technologies Engineer (AZ-500), Azure Solutions Architect Expert (AZ-303 + AZ-304), Azure Cloud Administrator (AZ-104), Microsoft Active Directory certificate.
Information Security relevant certification is preferred, SSCP, CCSK, CISSP, CISA, CompTIA Network+, CompTIA Security+
Basic knowledge of IAM security standards (ISO/IEC 27002, ISO/IEC 27032, NIST SP 800-53 and NIST SP 800-63).
Basic knowledge of information security industry, regulatory and compliance standards such as GDPR, PCI-DSS, ISO 27001, NIST CSF, NIST RMF is highly desired.
Experience:
Minimum 7 years of experience in the Information Security or Information Technology field, with three of those years focused on IAM & PAM/PIM solutions.
Proven experience with different IAM & PIM/PAM solutions like Microsoft AD, Azure AD, Azure PIM/PAM, Oracle IAM/PAM, IBM IAM/PAM, Okta IAM, One Identity, Ping Identity and SailPoint IAM.
Evaluate, architect, and implement Hybrid IAM & Access Control solutions covering multiple business applications/solutions in a hybrid environment.
Evaluate, architect, and implement Single-Sign-On integrations (SSO), MFA solutions, identity protection in a Hybrid large scope environment.
Solid knowledge of authentication and authorization protocols and standards like LDAP, NTLM, Kerberos, SAML 2.0, OIDC, OAuth2.0.
Basic knowledge of IAAA model including Identification, authentication, authorization, and auditing, B2B/B2C, Guest Access management.
Basic knowledge of security principles like SoD, RBAC, SCIM, Least Privileges, need to know, Zero Trust access architectural principles.
Experience in the design and deployment of Identity governance, lifecycle management, provisioning and deprovisioning methodologies.
Evaluate, configure, and implement security solutions including Policy Management, Web Access Management, Session Management.
Languages:
English Fluent
Arabic Fluent