8 to 10 Years Relevant Experience
We are seeking an experienced Senior Security Incident Response Analyst with strong expertise in Identity and Access Management (IAM) and deep technical knowledge in enterprise security operations. This role will play a critical part in detecting, responding to, and investigating security incidents while supporting IAM best practices and integration across cloud and on-prem environments.
Key Responsibilities:
- Lead the identification, triage, and investigation of complex security incidents across a large-scale enterprise environment.
- Apply advanced IAM principles to assess access-related risks and help enforce strong identity governance.
- Conduct host and memory forensics on Windows, macOS, and Linux systems, including live incident response and analysis.
- Work closely with infrastructure, IAM, and application teams to support investigations and implement preventative controls.
- Utilize tools and processes for incident response, log analysis, and endpoint detection.
- Maintain deep familiarity with enterprise Active Directory (on-prem) and Azure Entra ID (formerly Azure AD) to investigate and secure user access.
- Provide expert guidance on industry security best practices, incident containment, and recovery strategies.
Required Skills & Experience:
- 8–10 years of hands-on experience in Security Incident Response and investigations.
- Strong familiarity with IAM principles, identity lifecycle management, and access control best practices.
- Broad, expert-level understanding of enterprise information security concepts, frameworks, and technologies.
- Experience with Microsoft Active Directory (on-prem) and Azure Entra ID (Azure AD).
- Deep knowledge of operating system internals, including processes, the registry, file systems, and memory structures.
- Proven experience with host and memory forensics, including live response techniques across Windows, macOS, and Linux environments.
Preferred Qualifications:
- Security certifications such as GCFA, GCIH, CISSP, or equivalent.
- Experience with SIEM, SOAR, and EDR platforms.
- Familiarity with threat hunting methodologies and threat intelligence integration.
- Knowledge of cloud security operations in Azure or multi-cloud environments.