ITDR Identity Threat Intelligence Analyst

Work Mode: Work From Office

Role: ITDR Identity Threat Intelligence Analyst

Description:

Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related fields

5+ years of experience in security engineering, IAM engineering, or threat detection

Strong understanding of identity systems including on-prem Active Directory, Entra ID, privileged access platforms, and non-human identities

Experience working with identity detection and cloud security platforms namely

Microsoft Defender for Identity (MDI), Wiz.io and Airflow is required.

Experience with security monitoring, detection engineering, or SIEM/SOAR platforms

Familiarity with cloud and hybrid environments including Azure, AWS, and on-
prem infrastructure

Knowledge of identity attack techniques and threat frameworks such as MITRE ATT&CK (including identity-related tactics and techniques)

Experience working with logs, signals, and identity telemetry across multiple platforms

Strong analytical, documentation, and stakeholder engagement skills

KEY MEASURES

Scorecard/Compliance

Effectiveness of identity threat detections and response capabilities

Successful completion of PoV and pilot activities for ITDR

Coverage of prioritized identity threat scenarios across supported platforms

Compliance with ITDR and IAM control requirements

Requirements

Qualifications:

Essential: Computer Science/Cybersecurity Engineering/Master Degree

Experience:

Years of Experience: 7 to 9 years of experience

Nature of Experience: ITDR Engineering

RESPONSIBILITIES*

Assess and compare the capability of existing and new security and detection tools within the Bank (e.g. Microsoft Defender for Identity (MDI), Wiz.io) to support ITDR objectives

Evaluate tool coverage across platforms including Azure, AWS, on-prem Active Directory, Entra ID, UNIX, and other relevant systems

Design and execute proof-of-value (PoV) activities to validate detection and response for identity-based threats

Engineer and enhance identity telemetry and signals required for ITDR use cases

Develop and validate identity threat detection logic aligned to MITRE ATT&CK techniques

Collaborate with IAM, security operations, and architecture teams to identify gaps in detection and response coverage

Support the design and rollout of an ITDR pilot covering approximately 50% of prioritized identity threat use cases and scenarios

Produce engineering documentation, PoV findings, pilot artefacts, and implementation recommendations

Contribute to ITDR operating model, secure-by-design principles, and SDLC processes

Stay current with emerging identity threats, attacker techniques, and ITDR best practices