Cybersecurity Engineer (IAM & AD)

• B2B contract via Devire (130-170 PLN/h net+VAT)
• Long-term cooperation
• 100% remote work
• Equipment provided by the client
• Benefits package

• Strong experience in Identity & Access Management (IAM) and Active Directory (on-premises & cloud/Entra ID).
• Expertise in AD/Entra ID configuration, security, hardening, recovery, and resilience.
• Hands-on experience with IAM tools (e.g., SailPoint, CyberArk, Okta) and identity protocols (LDAP, SAML, OAuth2, OIDC, Kerberos).
• Knowledge of security and compliance standards (NIST, ISO 27001, CIS Benchmarks).
• Implementing, monitoring, and automating security controls, dashboards, and KPIs.
• PowerShell scripting and automation skills.
• Experience supporting incident response and coordinating vulnerability remediation, including defining action plans and mitigation measures.
• Understanding of offensive security concepts and common attacks on AD/Entra ID.
• Ability to collaborate with IT, security, and operations teams, and provide security recommendations.
• Certifications are a plus: SC-300, AZ-500, CISSP, CISM, or other IAM/cybersecurity-related credentials.

Responsibilities

• Implementation of Cybersecurity controls for IAM and Active Directory and remediation follow-up
  • Put in place automated and manual controls testing cybersecurity of Active Directory and IAM solutions.
  • Participate to IAM governance meeting with IAM Product Team, Cyber Operations and other relevant stakeholders
  • Review requested changes ensuring those changes will not jeopardize cybersecurity and implement relevant controls for the new changes.
  • Follow-up on remediation with stakeholders to ensure each non-compliant control is fixed

• Monitor Compliance
  • Implement controls dashboards and cybersecurity KPIs
  • Coordination vulnerability remediation validation
  • Define action plan to fix vulnerabilities and non-compliance and/or propose mitigation

• Cybersecurity Hardening
  • Update cybersecurity standards for IAM taking into accounts cyber incidents and new threats
  • Define and document Cybersecurity Hardening rules for AD and EntraID
  • Help technical teams implementing hardening
  • Support threat detection and incident response teams

• Resilience
  • Review and enhance AD architecture for scalability and security.
  • Maintain AD and EntraID recovery plans and processes and participate to tests those plans