Identity Security Consultant

is currently looking

our

operations.

· 8+ years in Identity Security / Security Engineering

· Deep hands‑on experience with:

· Active Directory security

· Microsoft Entra ID security

· Strong PAM / PIM implementation experience

· SOC‑level understanding of identity attack detection and response

· Strong troubleshooting and root‑cause analysis skills

· Excellent written and verbal communication skills

· Own identity security engineering across Active Directory (on‑prem) and Microsoft Entra ID

· Design, implement, and harden identity security configurations

· Act as technical authority for identity threat prevention, detection, and response

· Bridge Identity Engineering and SOC / Incident Response

· Mitigate Red team findings

· Secure AD DS architecture and configurations

· Implement and enforce AD Tiering model (Tier 0 / Tier 1 / Tier 2)

· Protect Tier‑0 assets (Domain Controllers, PKI, ADFS, Entra Connect)

· Harden:

· Kerberos authentication

· NTLM usage and restrictions

· Delegation (constrained, resource‑based)

· GPOs for security baselines

· Manage privileged groups and admin separation

· Secure trust relationships and forest/domain boundaries

· Implement PAW / SAW / hardened admin access patterns

· Review and remediate AD attack paths and misconfigurations

· Design and enforce Conditional Access policies

· Implement strong authentication strategies (MFA, passwordless, phishing‑resistant MFA)

· Configure and monitor Entra ID Identity Protection

· Harden tenant security posture and reduce identity attack surface

· Control and monitor:

· Legacy authentication

· OAuth app permissions and consent

· Authentication methods and user flows

· Govern roles, service principals, and app registrations

· Secure Entra ID Connect / Cloud Sync architecture

· Design and implement least‑privilege access models

· Understand and work with Cyberark integrations, Sailpoint etc.

· Implement and operationalize Entra PIM:

· Just‑In‑Time role activation

· Approval workflows

· Role eligibility governance

· Access reviews and alerts

Deep understanding of identity‑based attacks, including:

· Credential theft and replay

· Kerberoasting / AS‑REP roasting

· Golden and Silver Ticket attacks

· Privilege escalation and lateral movement

· Persistence mechanisms in AD and Entra ID

· OAuth token abuse and app consent attacks

· MFA fatigue and authentication bypass techniques

· Map attacker techniques to prevention, detection, and remediation controls

· Work closely with SOC teams on identity‑related threats

· Define and improve identity detection use‑cases

· Ensure logging and visibility for:

· Entra ID audit and sign‑in logs

· Integrate identity telemetry with SIEM / SOAR platforms

· Tune alerts to reduce false positives and improve signal quality

· Build and maintain identity incident response playbooks

· Support investigations of compromised accounts and privilege abuse

· Perform AD and Entra ID security posture assessments

· Identify configuration drift, technical debt, and risk exposure

· Deliver remediation plans and track closure

· Drive continuous identity security improvement initiatives

· Align identity security posture with Zero Trust principles

· Ensure identity controls meet internal security standards and regulatory requirements

· Support audit and risk assessments related to identity and access

· Provide evidence, documentation, and technical justifications

· Participate in design and security review boards

· Produce clear, audit‑ready documentation:

· Identity architecture diagrams

· Security standards and configuration baselines

· SOPs and operational runbooks

· Incident response procedures

· Provide knowledge transfer and guidance to internal teams

Should you be interested please send resume at mini.surendran@nairsystems.com