Cybersecurity & IAM Technical Specialist (Cloud, IT Audit & Offensive Security)

We are seeking a highly skilled technical specialist with strong expertise in cybersecurity, cloud security, IAM, IT audit, and offensive security techniques. The role combines security architecture, governance, identity engineering, audit execution, automation, and adversarial analysis across cloud and hybrid infrastructures.
The ideal candidate brings hands-on technical capability, deep knowledge of international security frameworks, strong auditing experience, and proven skill in securing identity lifecycle processes and cloud environments.

Certifications or simmilar

Cybersecurity, Audit & GRC

• ISO 27001 Certified Lead Auditor
• Certified in Cybersecurity (CC) – ISC2
• Cyber Security Governance, Risk and Compliance Mastery
• Google Cyber Security Certificate (Linux, MySQL, Python labs)
• Fortinet Certified Fundamentals in Cybersecurity
• IBM Cloud DevSecOps Essentials v2 – IBM

Offensive Security & Threat Intelligence

• C3SA Premium Edition – Cyberwarfare Labs
• Cyber Threat Intelligence 101 – arcX
• Certified Ethical Hacker – Course Completion (Cybrary)
• Introduction to Cybersecurity & IoT – CISCO

Education: Technical degree ( Computer Science, Cybersecurity, Software Engineering, or a related technical field)



Required Technical Skills

• IAM engineering: Entra ID, Azure AD, AD, Intune, MFA, RBAC, SSO, SCIM, lifecycle automation.
• Cloud security architecture (Azure).
• Authentication & federation protocols: SAML, OAuth2, LDAP.
• Scripting & automation: PowerShell, Python, C#.
• Security frameworks: ISO 27001, NIST CSF, NIS2, DORA, GDPR.
• Threat analysis, CTI, DLP, IR, access governance.

Candidate Profile

• Strong analytical mindset and risk-based thinking.
• Ability to merge deep technical insight with governance and audit requirements.
• Comfortable interacting with technical engineering teams, auditors, and executive stakeholders.Experienced in designing, securing, and operating critical identity and cloud systems.
• English speaker;
• Ambition and desire to assert oneself through performance;
• Willingness to learn continuously
• Positive attitude and orientation towards the client (to have charisma)
• Ability to synthesize, observe, organize, and manage time efficiently
• Ability to have flexibility of the schedule, with orientation of the client’s needed
• Practice profession with passion
• Loyalty about the company and culture of company
• Family center of his/her principal value.

Key Responsibilities

1. Identity & Access Management (IAM)

• Design and implement IAM architectures including RBAC, least privilege, conditional access, and JML lifecycle automation.
• Configure, review, and strengthen Microsoft Entra ID / Azure AD, Active Directory, MFA, SSO, and related access controls.
• Build and maintain policies, standards, and governance frameworks for cloud and hybrid identity systems.
• Integrate identity services with applications, HR systems, and third-party platforms (SSO, SCIM, OAuth2, SAML).

2. Cloud & Security Architecture

• Develop and enhance Zero Trust architecture models and risk-based access approaches.
• Perform cloud hardening and secure configuration of Azure identity, endpoints, and authentication layers.
• Implement security automation using PowerShell, Python, or C# to operationalize controls and reduce manual workloads.

3. IT Audit, Compliance & GRC

• Execute technical and compliance audits aligned with: ISO 27001, NIS2, NIST CSF, DORA, GDPR.
• Contribute to ISMS development, SoA, risk assessments, DPIAs, and continuous compliance processes.
• Conduct IAM gap assessments, maturity evaluations, and remediation planning.

4. Offensive Security & Threat Analysis

• Support security testing engagements and adversarial simulations.
• Identify attack vectors and contribute to threat modelling and cyber threat intelligence activities.
• Participate in red/blue/purple-team style technical assessments depending on project needs.

5. Incident Response & Security Operations

• Participate in incident analysis, technical triage, and post-incident investigations.
• Define and maintain technical security policies, access standards, and operational procedures.
• Contribute to the continuous improvement of monitoring, detection, and security posture management.

What we can offer:

• A pleasant and dynamic work environment where you can't get bored;
• The chance to learn and develop continuously - by participating in programs, courses, etc. in accordance with the established career plan;
• Private health insurance;
• Participation at conferences and business events paid by the company;
• Continuous training and preparation
• Flexible schedule: from home and from the office
• Open minded management vision.

With entrepreneurial thinking and business oriented, we are a multidisciplinary team willing to analyse, build and participate in brainstorming in order to identify optimal solutions for business development.

Curious to know more about us? Click on Apply and let's have a meeting.

Decalex Digital operates as a global entity, providing Governance, Risk Management, and Compliance (GRC) services, with well-established presences in Romania and the UK.
With over a decade of expertise in privacy and cybersecurity Decalex stands as a market leader, providing a comprehensive suite of Governance, Risk Management, and Compliance (GRC) services. Our offerings encompass a wide spectrum from data protection and cybersecurity to Anti-Money Laundering (AML)/Know Your Customer (KYC) compliance and whistleblowing support.
All team members are seniors and are internationally certified as experts in the industry. Moreover, to provide a complete perspective on the client company's situation when compliance is sought, the team of specialists involved in the project is multidisciplinary (Legal, IT, Project management, business intelligence).
Decalex is lauded for its innovative solutions and business-focused approach, crafting and managing compliance plans that safeguard data, ensure cybersecurity, comply with financial regulations, and facilitate ethical business practices. Our dedication to excellence and comprehensive service offerings make us the partner of choice for businesses seeking to navigate the complexities of GRC with ease and assurance.