IAM Security Architect (AD Incident Response)

Identity Security Portugal


Semperis puts people first. Within the Semperis team are world-class thought leaders, distinguished engineers, top technology experts, and visionary professionals. Our team members shape the Semperis culture, which champions strategic vision, specific expertise, intelligent and precise solutions, and continuous innovation. With teams across North America, EMEA and APAC, you’ll be working alongside top global talent from around the world. Semperis is ranked as one of the fastest-growing companies in Deloitte’s 2021 Technology Fast 500. 

What’s your passion? If you’re a purpose-driven person who always sees the glass as half full, seizes opportunities, and has an urge to learn and develop your skills while managing a balanced, healthy life—we’d love to hear from you.  

Semperis focuses on creating an employee experience that is aligned with our vision—being a Force for Good— starting with being a good workplace that empowers its employees and fosters an inclusive environment. 

What we are looking for:  

We are looking for an IAM Security Architect to join our team. 
What you will be doing: 

As an Identity and Access Management Security Architect, you will be an essential member of our Breach Preparedness and Response team, helping our customers prepare for a breach or come back from the brink during or after an attack. 

  • Get in the trenches with our customers during a breach to help them contain and remove active threats from their AD. 
  • Perform post-breach investigations to identify AD vulnerabilities, how the attackers may have gained privileged access, and what domain persistence they may have installed. 
  • Develop remediation strategies and plans for containing and removing threats from customers’ AD and effectively communicate them to customer stakeholders and technical staff. 
  • Perform security assessments of customers’ AD environments, encompassing architectural review, operational review, security configuration review, and attack path analysis. 
  • Develop roadmaps for customers to uplift their AD security posture. 
  • Help customers optimize their deployment of our products to protect their AD best. 
  • Provide input and feedback to our engineering, product, and security research teams. 
  • Maintain expert knowledge of AD attacks and security features. 
  • Develop internal tools and methodologies to improve our capabilities and deliverables. 

What you will bring to the table:    

  • At least 5 years of knowledge and hands-on experience in Active Directory security-related roles, from either the offensive or defensive side. 
  • Thorough understanding of security controls and adversary TTPs in Active Directory and Windows environments, as well as strategies and principles for securing privileged access. 
  • Experience delivering Active Directory Security Assessments or penetration testing/red teaming in AD environments – advantage. 
  • Incident response experience – a significant advantage. 
  • Knowledge and hands-on experience with Azure AD – advantage. 
  • Proven customer-facing orientation. 
  • Fluent English. 
  • Excellent verbal and written communication skills. 
  • Ability to concisely communicate complex technical concepts to non-technical audiences. 
  • Ability to effectively collaborate with other team members. 

The Semperis Story 
For security teams charged with defending hybrid and multi-cloud environments, Semperis ensures the integrity and availability of critical enterprise directory services at every step in the cyber kill chain and cuts recovery time by 90%. Purpose-built for securing hybrid Active Directory environments, Semperis’ patented technology protects over 50 million identities from cyberattacks, data breaches, and operational errors. The world’s leading organizations trust Semperis to spot directory vulnerabilities, intercept cyberattacks in progress, and quickly recover from ransomware and other data integrity emergencies.   

Semperis is proud to be an Equal Opportunity Employer. We welcome applicants of any gender, age, life status, or culture. We see only the potential and capabilities of each candidate and the unique contribution of every employee. Should you require accommodation during the recruitment process, please do not hesitate to ask.