IAM Security Analyst (UAE National)

Job Purpose

The Identity & Access Management (IAM) Security Analyst is responsible for protecting the organisation’s digital assets by managing identities, access controls, and authentication systems. This role ensures that only authorised users can access sensitive data, enforce the principle of least privilege, and support compliance with security policies and regulations. Working closely with IT Security & Governance, Group Information Technology, and other departments, the Analyst helps implement security measures, monitor for threats, and respond to incidents. 
Beyond daily operations, the Analyst develops security protocols, works closely with business units to conduct access reviews and security assessments, and recommends improvements to strengthen the organisation’s cybersecurity posture. The role also involves cross-functional collaboration, providing actionable insights to senior leadership, and promoting a culture of security awareness across the enterprise.

Job Responsibilities

Technical Responsibilities

• Access Management and Review: Lead and manage the IAM lifecycle, including provisioning, modification, deprovisioning, and access reviews across all systems and applications. 
• Security Monitoring and Incident Response: Monitor IAM and SIEM logs and alerts to identify and respond to suspicious activity, unauthorised access, and security incidents.
• Technical Due Diligence: Evaluate new applications for IAM compatibility, focusing on authentication, access controls, scalability, and security compliance.
• Vulnerability Assessment and Penetration Testing: Conduct comprehensive VA/PT across IT infrastructure, including servers, web applications, APIs, and mobile applications.
• Security Configuration Management: Oversee and optimize IAM solutions across cloud platforms, ensuring seamless system integrations and secure access through technical controls such as firewalls, WAF, NAC, and PAM.
• Security Technology Research: Actively research, evaluate, and drive next-generation security technologies and solutions to meet organisational requirements.

Business Responsibilities

• Audit Coordination and Remediation: Support the coordination of internal and external audits, track security audit findings, and report remediation efforts.
• Policy and Governance: Enforce and support the development of IAM policies, procedures, and best practices, and remediate violations in coordination with IT Operations and Application teams.
• Security Training and Awareness: Assist in developing and delivering security training programs and awareness campaigns for employees.
• Compliance Monitoring: Monitor adherence to IT and security governance frameworks and recommend improvements.
• Vendor Liaison: Liaise with vendors for POCs and demos of new IT security requirements.

Job Requirements

Qualifications

• Bachelor's degree or higher in a relevant field.
• Security certifications such as Certified Ethical Hacker (CEH) or CompTIA Security+ are preferred.

Experience

• Proven experience (typically 3+ years) in information security.

Knowledge and Skills

• Strong knowledge of cloud security, cybersecurity frameworks, standards, and best practices.
• Strong understanding of IT governance frameworks, regulatory requirements, and industry standards
• Excellent communication and interpersonal skills.
• Demonstrated ability to influence and collaborate with cross-functional teams.
• In-depth understanding of risk management, compliance, and governance principles

Experience in managing data protection mechanisms, preferably on cloud platforms like Microsoft Purview.

• Knowledge of the Microsoft Defender Suite and the Identity and Access Management suite.
• Understanding security solutions such as NAC, PAM, EDR, DLP, SIEM, SOAR, and NDR.
• Knowledge of security configurations in cloud platforms, e.g., AWS, Azure, and Microsoft 365.