Identity Threat Detection And Response ITDR Analyst

Introduction

Were looking for an ITDR Security Analyst that will support the daily operational monitoring and incident handling for the ITDR platform. Analyst helps validate detections, execute tuning instructions, and ensure system readiness across Active Directory environments.

Your Role And Responsibilities

• Perform daily operational checks of ITDR collectors/connectors, domain connectivity, and platform health indicators.
• Monitor alert queues, validate detection accuracy, and escalate credible threats to SOC.
• Assist in incident enrichment using ITDR data and alert metadata for SOC use case alignment.
• Execute tuning configurations as guided by the Consultant.
• Help track false positive trends and document recommendations for future tuning.
• Document all configurations and integrations thoroughly for future reference and maintenance.
• Monitor platform integrations with other security platforms
• Raise technical issues to the Consultant after performing basic checks and log reviews.
• Generate weekly reports on alert volumes, false positives, system health, and notable anomalies.
• Maintain internal runbooks, procedures, and troubleshooting checklists for operations team reference.
  
  

• 1–3 years of experience in security operations or IT systems support with exposure to Active Directory environments.
• Working knowledge of Active Directory structure, policies, and authentication processes.
• Familiarity with identity-based threats, common AD attack vectors, and indicators of compromise.
• Basic understanding of SIEM tools, security alert triage, and log/event analysis.
• Ability to follow SOPs, perform health checks, and track operational tasks in a structured way.
• Exposure to ITDR solutions (e.g., Semperis, SentinelOne Singularity Identity Posture Management, or similar platforms) is preferred and will be considered a strong advantage.
  
  

• Strong analytical mindset, with attention to detail and problem-solving capabilities.
• Effective communication skills for coordination with internal teams and escalation to Stakeholders.
  
  

• CompTIA Security+
• Microsoft Certified: Identity and Access Administrator Associate (or equivalent AD-focused certification)
• Microsoft Certified: Security Operations Analyst Associate
• Any foundational training or certification in Active Directory administration or security
• Any entry-level SOC analyst, ITDR, or cloud security certification