Security operations officer - iam specialist

Black & Grey HR is recruiting for an established technology solutions and services provider in Doha, Qatar. Our client is seeking an experienced Security Operations Officer – IAM Specialist who will be responsible for designing, implementing, and managing enterprise-wide Identity & Access Management (IAM) frameworks. This role plays a critical part in securing access to systems, applications, and cloud environments, ensuring strong governance, privileged account security, and compliance across the organization. The position demands deep hands‑on expertise in IAM, PAM, IGA, and cloud identity platforms along with bilingual proficiency in Arabic. Key Responsibilities IAM Implementation & Operations Deploy, configure, and manage enterprise IAM solutions including SSO, MFA, Federation, Azure Entra ID, Sail Point, and others. Implement and administer IAM architectures in GCP (Cloud Identity, IAM, Workforce Identity Federation, Workload Identity Federation, Identity‑Aware Proxy). Implement IAM capabilities within Azure (Entra ID, Conditional Access, Privileged Identity Management, Identity Protection, Entitlement Management). Provide technical inputs for IAM architecture planning and roadmap decisions. Support the rollout of Zero Trust models and adaptive authentication policies. Integrate IAM systems across on‑premise IT, cloud, and Operational Technology (OT) environments. Perform periodic access reviews to eliminate privilege creep and enforce least privilege.Privileged Access Management (PAM)Implement, configure, and manage enterprise PAM platforms. Secure privileged accounts and enforce Just‑In‑Time (JIT) and Just‑Enough‑Access (JEA) models. Configure privileged session monitoring, recording, and risk‑based controls. Conduct periodic privileged account certifications and reviews. Administer break‑glass emergency access procedures.Identity Lifecycle Management Automate identity lifecycle processes including Joiner–Mover–Leaver workflows. Implement automated provisioning and deprovisioning across applications and systems. Configure and maintain RBAC (Role‑Based Access Control) and ABAC (Attribute‑Based Access Control) models.Identity Governance & Administration (IGA)Deploy and manage IGA platforms (e.g., Sail Point, Saviynt). Configure and lead access certification campaigns and periodic access reviews. Enforce Segregation of Duties (So D) policies with conflict analysis and remediation. Generate compliance reports, audit trails, and governance documentation.Cloud IAM Integration Integrate IAM solutions across multi‑cloud platforms: AWS IAM, Azure Entra ID, and GCP Cloud Identity. Implement cross‑cloud identity federation, SSO, and unified authentication flows.Governance, Risk & Collaboration Produce IAM dashboards, metrics, and KPIs for leadership and governance committees. Monitor identity risk scores and deploy risk‑based access controls. Identify IAM security gaps and recommend appropriate mitigation strategies. Support incident response investigations related to IAM and PAM systems. Ensure adherence to IAM policies, standards, and regulatory frameworks including ISO 27001, Qatar NIA, QCSF, PDPPL, and other national compliance requirements. Collaborate with application teams, infrastructure owners, and business units to develop IAM‑aligned security solutions.Requirements10+ years of hands‑on experience in IAM engineering, administration, and PAM operations. Bilingual proficiency in Arabic (mandatory). Deep technical expertise in GCP IAM (Cloud Identity, Identity Federation, IAM policies, service accounts, IAP). Strong experience with Privileged Access Management tools and privileged identity controls. Proven experience with IGA platforms and access certification workflows. Solid background in Active Directory architecture, administration, and hardening. Experience integrating IAM with Saa S platforms, enterprise apps, APIs, and hybrid cloud environments. Education Bachelor’s degree in Computer Science, Information Security, or a related field. Certifications (Preferred)CISSP CCSP Azure Security Engineer GCP Professional Cloud Security Engineer Cyber Ark Certified Trustee/Defender Sail Point Identity Now / Identity IQ Certifications Cloud security certifications (Azure, GCP, AWS Security Specialty) Required Skillset Strong hands‑on experience with enterprise IAM & IGA platforms. Proven capability in managing PAM solutions at scale. Deep expertise in Azure IAM (Entra ID, Conditional Access, PIM, MFA, Entitlement Management). Experience configuring and managing cloud IDPs in hybrid environments. Skilled in securely managing service account lifecycle and automation. Experience designing and implementing RBAC frameworks, custom IAM roles, and permissions. Benefits Competitive Salary + Benefits Package