Identity Threat Detection & Response (ITDR) Analyst

**Introduction** A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences. **Your role and responsibilities** We're looking for an ITDR Security Analyst that will support the daily operational monitoring and incident handling for the ITDR platform. Analyst helps validate detections, execute tuning instructions, and ensure system readiness across Active Directory environments. * Perform daily operational checks of ITDR collectors/connectors, domain connectivity, and platform health indicators. * Monitor alert queues, validate detection accuracy, and escalate credible threats to SOC. * Assist in incident enrichment using ITDR data and alert metadata for SOC use case alignment. * Execute tuning configurations as guided by the Consultant. * Help track false positive trends and document recommendations for future tuning. * Document all configurations and integrations thoroughly for future reference and maintenance. * Monitor platform integrations with other security platforms * Raise technical issues to the Consultant after performing basic checks and log reviews. * Generate weekly reports on alert volumes, false positives, system health, and notable anomalies. * Maintain internal runbooks, procedures, and troubleshooting checklists for operations team reference. **Required technical and professional expertise** * 1-3 years of experience in security operations or IT systems support with exposure to Active Directory environments. * Working knowledge of Active Directory structure, policies, and authentication processes. * Familiarity with identity-based threats, common AD attack vectors, and indicators of compromise. * Basic understanding of SIEM tools, security alert triage, and log/event analysis. * Ability to follow SOPs, perform health checks, and track operational tasks in a structured way. * Exposure to ITDR solutions (e.g., Semperis, SentinelOne Singularity Identity Posture Management, or similar platforms) is preferred and will be considered a strong advantage. Soft Skills: * Strong analytical mindset, with attention to detail and problem-solving capabilities. * Effective communication skills for coordination with internal teams and escalation to Stakeholders. **Preferred technical and professional experience** Certifications * CompTIA Security* Microsoft Certified: Identity and Access Administrator Associate (or equivalent AD-focused certification) * Microsoft Certified: Security Operations Analyst Associate * Any foundational training or certification in Active Directory administration or security * Any entry-level SOC analyst, ITDR, or cloud security certification IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.