Overview
IAM Security Engineer Jobs in Jeddah, Makkah, Saudi Arabia at OpenTech HR | شركة التقنيات المفتوحة
Title: IAM Security Engineer
Company: OpenTech HR | شركة التقنيات المفتوحة
Location: Jeddah, Makkah, Saudi Arabia
Job Title: IAM Security Engineer – Microsoft Azure IAM SME
Location: Jeddah
Salary: 25k-35k SAR
Experience: 8-12 years
Job Description
Microsoft Entra (Entra ID, Permissions Management, ID Governance)
• Identity & Access Management (IAM) concepts (SSO, MFA, conditional access, RBAC).
• Entra ID administration (user/group management, app registration, service principals).
• Federation & integration (SAML, OAuth 2.0, OpenID Connect).
• Identity Governance (access reviews, entitlement management, lifecycle workflows).
• Permissions Management (cloud entitlements across Azure and GCP).
• Troubleshooting authentication & authorization issues.
Microsoft Azure
• Azure AD / Entra integration with Azure resources.
• Azure RBAC & security best practices.
• Azure Policy & compliance management.
• Azure Monitor, Log Analytics, Sentinel (security monitoring).
• Familiarity with ARM templates/Bicep for infrastructure automation.
Microsoft Active Directory (AD)
• AD domain services administration (user, group, OU, GPO).
• Domain & forest trust management.
• DNS integration with AD.
• AD replication & troubleshooting (dcdiag, repadmin).
• Security hardening (admin tiering, delegation).
• AD backup & recovery procedures.
Microsoft Active Directory Certificate Services (AD CS)
• PKI concepts (public/private keys, X.509 certificates, CRL, OCSP).
• Installing & configuring AD CS (root CA, subordinate CA).
• Certificate templates, enrollment policies, and auto-enrollment.
• Managing CRLs & OCSP responders.
• Securing CA infrastructure & key material.
• Certificate lifecycle management & renewal automation.
Certificate Lifecycle Management (CLM)
• Managing certificate inventories & expiration alerts.
• Automated issuance & renewal (SCEP, ACME protocols).
• Integrating PKI with endpoint, server, and network devices.
• Governance & compliance for certificate usage.
• Transitioning cryptographic algorithms (e.g., SHA-1 → SHA-256, RSA → ECC).
Microsoft PKI
• Deep understanding of PKI trust chains.
• Secure design of enterprise PKI.
• Policy & practice statement creation.
• Hardware Security Module (HSM) integration.
• Root & subordinate CA separation & protection.
Microsoft Network Policy Server (NPS)
• RADIUS server configuration.
• Integration with AD for authentication.
• NPS policies for wired/wireless 802.1X authentication.
• NPS & MFA integration.
• Troubleshooting RADIUS authentication issues (logs, Event Viewer).
Google Cloud Console Management
• GCP IAM (roles, service accounts, policies).
• Project, folder, and organization-level resource management.
• Integration with external identity providers (Entra ID, SAML).
• Monitoring & logging with Google Cloud Operations Suite.
• Security best practices in GCP (Organization Policy, Security Command Center).