Role Summary
We are looking for an Identity & Access Security Specialist to assess, remediate, and strengthen the security posture of Active Directory (On-Prem) and Azure Active Directory (Entra ID) environments. The role focuses on PingCastle-based assessments, risk remediation, downtime impact analysis, and post-remediation validation.
Key Responsibilities
– Perform Active Directory security assessments using PingCastle
– Analyze and classify security findings (Critical / High / Medium / Low)
– Identify identity-related risks and map them to real-world attack scenarios
– Plan and execute remediation activities for AD and Azure AD
– Harden privileged access, authentication, GPOs, ACLs, and legacy protocols
– Implement and improve Azure AD Conditional Access and MFA policies
– Estimate remediation downtime and assess business impact
– Execute approved changes with rollback plans
– Validate fixes through post-remediation PingCastle scans
Key Deliverables
– PingCastle Assessment & Risk Analysis Report
– AD & Azure AD Risk Register
– Remediation and Execution Plan
– Downtime & Impact Assessment
– Post-Remediation Validation Report
Required Skills
– Strong hands-on experience with Active Directory (On-Prem) security
– Experience with Azure AD / Entra ID
– Hands-on knowledge of PingCastle
– Expertise in identity hardening, privileged access, and MFA
– Understanding of identity attack paths and security best practices
Preferred Qualifications
– Exposure to ISO 27001 / SOC 2 audit remediation
– Knowledge of MITRE ATT&CK (IAM-related threats)
– Strong documentation and change management skills
– Relevant security certifications (preferred)