{bc}
naukri

IAM/PAM PKI Engineer

IT-Security C&T
Riyadh, KSA
Senior
5 months ago
engineeringdesignproject managementmaintenancequality controltechnical
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

engineeringdesignproject management
Smart Apply

Full Job Posting

Overview

Operate and improve enterprise Identity security capabilities with focus on

Cerebra mPass (MFA)

and

Cyberark (Pam)

.

You will stabilize day to day operations, drive onboarding and policy improvements, and prepare the roadmap for

Windows Hello For Business

migration and future adoption of

Sailpoint (Iga)

,

Beyondtrust (Pam)

, and

Thales Hsm For Pki

.

Strong troubleshooting, documentation, and audit evidence discipline are essential.

Key Responsibilities

  • MFA.
  • Cerebra mPass
  • Design, configure, and support Cerebra mPass MFA policies, integrations, and user onboarding.
  • Integrate MFA with enterprise systems (VPN, remote access, cloud apps, internal applications) using standard authentication protocols.
  • Monitor authentication flows, troubleshoot access issues, and improve reliability and user experience.
  • Prepare and execute the migration roadmap from mPass to

Windows Hello For Business

, including pilot planning, risk management, and cutover support.

PAM. CyberArk (Current). BeyondTrust (Future)

  • Operate and scale CyberArk (safes, platforms, CPM/PSM health, onboarding, rotations, access workflows).
  • Drive privileged account onboarding and operational hygiene (break glass, vault policies, RBAC, session controls).
  • Support evaluation and future rollout of BeyondTrust as needed (requirements, migration planning, operational model).

IGA. SailPoint (Future)

  • Support readiness for IGA adoption (joiner mover leaver flows, SoD concepts, connector requirements, campaign approach, reporting needs).
  • Contribute to implementation planning and operational runbooks once adopted.

PKI coordination. Thales HSM (Future)

  • Coordinate certificate lifecycle processes and integrations with the AD and PKI stakeholders.
  • Support discovery, inventory, renewal tracking, and certificate operational processes.
  • Participate in planning for

Hsm-Backed Pki With Thales

  • (key ceremony concepts, dual control, CRL/OCSP operational readiness).
  • Note: day to day AD CS administration is owned by the AD team.
  • Operations, compliance, and delivery hygiene
  • Ensure IAM, MFA, and PAM events are visible in SIEM. Maintain health KPIs and reduce alert noise.
  • Execute changes via ITSM with clear testing, validation, rollback, and post change checks.
  • Lead or support RCA for major incidents. Publish SOPs, runbooks, and hardening guidance.
  • Produce audit ready evidence aligned with KSA cybersecurity requirements, including access controls and privileged access governance.

Automation

  • Use PowerShell, Python, and REST APIs to automate onboarding, rotations, reporting, and operational checks.

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at IT-Security C&T