Cyber Security Engineer PAM/IAM / Cloud Security

Job Overview
The Cybersecurity Engineer (PAM / IAM / Cloud Security) is responsible for implementing, managing, and securing identity and access systems across on-premises and cloud environments. This role ensures that privileged accounts, user access, and cloud resources are properly secured, monitored, and compliant with organizational policies and regulatory standards.

Key Responsibilities1. PAM (Privileged Access Management)

• Implement, configure, and manage PAM solutions (e.g., CyberArk, BeyondTrust, Thycotic, Delinea, Azure PIM).
• Define and enforce least privilege principles and privileged session management.
• Monitor and audit privileged account activity to detect and prevent misuse.
• Automate password rotation, vaulting, and credential management processes.
• Conduct periodic privileged access reviews and compliance audits.

2. IAM (Identity and Access Management)

• Design and maintain IAM frameworks aligned with Zero Trust principles.
• Manage user provisioning, de-provisioning, and access lifecycle using tools like Okta, Azure AD, Ping Identity, SailPoint, or One Identity.
• Integrate IAM systems with cloud and enterprise applications (SSO, MFA, RBAC, SCIM).
• Develop and enforce access control policies, authentication mechanisms, and identity governance.
• Work with HR and IT to ensure access alignment during employee onboarding/offboarding.

3. Cloud Security

• Secure cloud environments (AWS, Azure, GCP) by enforcing Identity & Access controls (IAM roles, policies).
• Implement cloud-native security tools (e.g., Azure Defender, AWS IAM, GuardDuty, Security Hub).
• Perform configuration reviews, vulnerability assessments, and threat monitoring for cloud resources.
• Support incident response, risk mitigation, and compliance within the cloud infrastructure.
• Collaborate with DevOps teams to integrate security into CI/CD pipelines (DevSecOps).

4. Security Operations & Compliance

• Assist in incident investigation and response related to identity breaches or cloud threats.
• Develop and maintain security documentation, policies, and runbooks.
• Ensure compliance with frameworks such as ISO 27001, SOC 2, NIST, GDPR, or HIPAA.
• Provide technical guidance and training to internal teams on PAM, IAM, and Cloud Security best practices.

Required Skills and Experience Technical Skills

• Strong knowledge of Identity Governance, PAM, and MFA technologies.
• Hands-on experience with tools such as CyberArk, BeyondTrust, Thycotic, Delinea, SailPoint, Okta, Azure AD.
• Familiarity with Azure / AWS security models and Zero Trust architecture.
• Understanding of Active Directory, LDAP, SSO, OAuth, SAML, SCIM, and OpenID Connect.
• Experience with PowerShell, Python, or Bash scripting for automation.
• Good grasp of network security, firewalls, and endpoint protection concepts

Education & Certifications

• Bachelor’s degree in Computer Science, Information Security, or related field.
• Preferred Certifications:
• CompTIA Security+, CySA+, or CASP+
• Microsoft Certified: Azure Security Engineer Associate
• AWS Certified Security – Specialty
• Certified Identity and Access Manager (CIAM)
• Certified Information Systems Security Professional (CISSP)
• CyberArk / SailPoint / Okta certification (preferred)

Job Type: Full-time

Ability to commute/relocate:

• Muscat: Reliably commute or planning to relocate before starting work (Required)

Application Question(s):

• what is your monthly current salary?
• what is your monthly expected salary?
• what is your notice period?

Education:

• Bachelor's (Required)

Experience:

• Cyber Security Engineer PAM/IAM / Cloud Security: 3 years (Required)