Job Description
Roles & Responsibilities
Desired Candidate Profile
4–7 years in Microsoft infrastructure environments
Experience in vulnerability management and patching
Experience in Hybrid Exchange and Entra ID environments
Good communication and coordination skills
Experience in large enterprise or banking environments
Exposure to regulatory and audit frameworks
Preferred Certifications
Microsoft Azure / Windows Server / Security certifications
Vulnerability Management (Primary Focus)
Manage end-to-end vulnerability lifecycle using Qualys, Microsoft Defender.
Analyze findings across Domain Controllers, Exchange, Windows Servers, and Entra ID.
Prioritize remediation based on CVSS, exploitability, and business impact.
Ensure remediation within SLA timelines.
Provide risk acceptance and compensating controls.
Generate audit-ready reports and dashboards.
Patch Management & Security Updates
Responsible for patching AD Domain Controllers, Exchange Servers, Hybrid components, and Windows Servers.
Deploy Windows patches, Exchange SU/CU, and emergency updates.
Ensure minimal downtime patching strategies.
Entra ID & Hybrid Identity Security
Manage Entra ID and Azure AD Connect.
Monitor identity sync and authentication methods.
Remediate identity vulnerabilities and MFA/CA misconfigurations.
Ensure secure hybrid identity posture.
Hybrid Exchange Management
Manage hybrid mail flow and configuration.
Ensure continuity of services like Free/Busy and Autodiscover.
Troubleshoot hybrid mail routing and authentication issues.
Pre-Patching Risk & Impact Assessment
Review CVEs, advisories, and dependencies.
Perform impact analysis on authentication and messaging.
Validate backup and rollback strategies.
Secure Patch Deployment
Execute patching via CAB approvals.
Perform rolling DC patching and DAG-based Exchange patching.
Ensure no service disruption.
Post-Patching Validation & Hardening
Validate AD, Exchange, and Entra ID health.
Monitor logs and alerts.
Perform re-scans and implement hardening measures.
Security Compliance & Audit
Ensure compliance with PCI-DSS / ISO standards.
Maintain remediation evidence and reports.
Support audits and regulatory assessments.
Automation & Reporting
Develop PowerShell automation.
Automate vulnerability tracking and reporting.
Prepare dashboards and metrics.
On-Call Support
Actively participate in 24x7 On-Call rotation, providing support for critical incidents.
Ensure timely resolution of production issues and service restoration .
Tanqeeb.com is the pioneering search engine in The Arab World. Tanqeeb Gathers all the suitable jobs on various platforms for you in one place.