IAM​/PAM Design Expert KSA

The IAM/PAM Consultant is responsible for designing, assessing, and improving identity and access control frameworks, with a focused emphasis on privileged access management. This role defines the target-state architecture for both IAM and PAM environments and drives the implementation of secure, compliant, and operationally sound access practices across the organization.

• Architecture & Design
  • Design the target-state architecture for Identity & Access Management (IAM) and Privileged Access Management (PAM), with particular focus on high-risk privileged access scenarios.
  • Define onboarding standards and integration requirements across directory services, MFA, and Single Sign-On (SSO) platforms, including end-to-end access lifecycle processes.
• Privileged Access Operations
  • Establish operational baselines for privileged access governance, covering password and key vaulting, credential rotation, approval workflows, session control and recording, and emergency "break-glass" access procedures.
  • Define a secure approach for third-party and OEM privileged access, including vendor remote access controls and governance frameworks.
• Assessment & Compliance
  • Assess current IAM/PAM configurations against industry best practices and NCA ECC (Essential Cybersecurity Controls) requirements.
  • Identify gaps and deliver clear, prioritized remediation actions with practical implementation guidance.
• Monitoring & SOC Integration
  • Define monitoring requirements and alert use-cases for integration with SOC/SIEM platforms, including detection of privileged misuse, anomalous access patterns, and high-risk behavior indicators.
• Documentation & Knowledge Transfer
  • Produce comprehensive configuration guides, Standard Operating Procedures (SOPs), and technical documentation for IT and security teams.
  • Deliver structured training and knowledge transfer sessions to ensure operational teams can sustain and manage the implemented controls.