Description: 5+ years of experience in threat intelligence, security analysis, or cyber defense Strong understanding of IAM systems including on-prem Active Directory, EntraID , privileged access, and non-human identities Experience working with identity detection and cloud security platforms such as Microsoft Defender for Identity (MDI), Wiz.io and Airflow is preferred. Familiarity with cloud and hybrid environments including Azure, AWS, on-prem infrastructure, and UNIX platforms Knowledge of identity-based attack techniques and threat frameworks such as MITRE ATT&CK, with emphasis on identity-relevant tactics and techniques Experience analyzing threat intelligence sources and mapping threats todet ections and controls Familiarity with security monitoring, detection engineering, or operations Strong analytical, research, documentation, and stakeholder communication skills KEY MEASURES Scorecard/Compliance Quality and relevance of identity threat intelligence and analysis Contribution to ITDR PoV and pilot readiness Coverage of prioritized identity threat scenarios across supported platforms Effectiveness in translating threat intelligence into actionable detection use cases Experience: Nature of Experience: Identity Threat Intelligence (ITDR) RESPONSIBILITIES* Analyze identity-focused threat intelligence and attacker techniques relevant to the Bank's environment Assess identity threat coverage of existing tools within the Bank (e.g. Microsoft Defender for Identity (MDI), Wiz.io) Map identity threat scenarios to supported platforms including Azure, AWS, on- prem Active Directory, Entra ID, UNIX, and other systems Support proof-of-value (PoV) activities by validating threat scenarios against available detections and telemetry Align identity threat scenarios to MITRE ATT&CK techniques and tactics Translate identity threat intelligence into prioritized ITDR detection use cases and scenarios Collaborate with ITDR engineers, IAM teams, and security operations to refine detection logic and response strategies Support the preparation and rollout of an ITDR pilot of prioritized identity threat use cases Maintain identity threat scenarios, adversary techniques, and threat narratives for ongoing ITDR use Produce threat intelligence reports, PoV findings, and pilot artefacts to support governance and planning Stay current with evolving identity threats, attacker behaviors, and industry threat trends
