Job Description

Locations

• Taguig City, PH, India (Remote)

Salary

Skills Required

• Active Directory securityintermediate
• Identity-centric threat detectionintermediate
• Security platforms administrationintermediate
• AD monitoringintermediate
• Windows authentication mechanismsintermediate
• Identity-based attack techniquesintermediate
• MITRE ATT&CK TTPsintermediate
• SIEM integrationintermediate
• SOAR integrationintermediate
• Event correlationintermediate
• Security policy creationintermediate
• Technical documentationintermediate
• Reportingintermediate
• ITDR solutions (e.g., Semperis, SentinelOne Singularity Identity Posture Management)intermediate

Required Qualifications

• 5+ years in cybersecurity with strong exposure to Active Directory security or Identity-centric threat detection (experience)
• Hands-on experience administering and configuring security platforms or tools related to AD monitoring, identity threat detection, or security analytics (experience)
• Deep understanding of Active Directory and Windows authentication mechanisms (experience)
• Strong grasp of identity-based attack techniques and MITRE ATT&CK TTPs relevant to AD (experience)
• Proficiency with SIEM or SOAR integrations and understanding of event correlation (experience)
• Experience in security policy creation, technical documentation, and reporting (experience)

Preferred Qualifications

• Experience with ITDR solutions such as Semperis (experience)
• Familiarity with other similar platforms like SentinelOne Singularity Identity Posture Management, or equivalent (experience)
• Any ITDR platform administration certifications (experience)

Responsibilities

• Serve as the SME and primary administrator of the ITDR platform, ensuring full operational integrity and optimization
• Lead the platform configuration and customization, including domain controller integration, alerting logic, GPO compatibility, and baseline policy setup
• Implement, tune, and validate detection rules based on evolving TTPs and threat intelligence
• Manage alert governance, suppression rules, watchlists, and relevance thresholds to reduce false positives and alert fatigue
• Oversee version upgrades, configuration change management, and rollback plans
• Define integration requirements for SIEM, SOAR, and ticketing systems, ensuring seamless interaction
• Document all security, backup, and access control requirements for the ITDR platform
• Coordinate with SOC, Threat Intel, and Incident Response for alert correlation and enrichment
• Drive quarterly platform posture reviews, presenting detection effectiveness, coverage gaps, and tuning metrics
• Maintain and author ITDR operational playbooks, SOPs, and tuning guidelines
• Support audit readiness, compliance reviews, and internal stakeholder reporting

Benefits

• general: Opportunity to learn and develop career
• general: Encouragement to be courageous and experiment
• general: Continuous trust and support in an inclusive environment
• general: Growth-minded culture with emphasis on curiosity and feedback
• general: Collaboration with colleagues for exceptional customer outcomes
• general: Commitment to being a responsible technology innovator and force for good
• general: Equal-opportunity employment

Tags & Categories