← All open roles
India CoE IAM Engineer, ITDR (Identity Threat Detection and Response)
India CoE engineer focused on identity threat detection and response. Deploy, tune, and operate ITDR controls; build detections and response playbooks for identity-based attacks across client environments.
What you'll do
- Deploy and tune ITDR platforms (Silverfort, SentinelOne Singularity Identity, CrowdStrike Falcon Identity, Microsoft Defender for Identity, or similar)
- Build identity threat detection use cases and response playbooks
- Integrate ITDR with SIEM, SOAR, and IAM platforms for closed-loop response
- Triage identity-based attacks: Kerberoasting, AS-REP roasting, Golden Ticket, lateral movement
- Tune detections; reduce false positives; document response procedures
- Coordinate with client SOC teams during overlap hours
What we need from you
- 4+ years security engineering experience with at least 2 years on identity-focused detection and response
- Hands-on with at least one major ITDR or identity-aware EDR platform
- Working knowledge of Active Directory, Entra ID, and common identity attack patterns
- Familiarity with SIEM (Splunk, Sentinel, QRadar) and SOAR (XSOAR, Tines) tooling
- Comfortable working with US clients during India morning hours
- Based in India with eligibility to work for an India-registered entity
Bonus, not required
- GCIH, OSCP, or equivalent offensive or DFIR certification
- Prior incident response experience involving identity-based attacks
- Experience building detection content from threat intelligence
What you'll get
Competitive India-market base plus performance bonus. Paid certifications and conference sponsorship.