
Senior Identity Protection Specialist

Job in Billingham, Durham County, TS23, England, UK
Listing for: FujiFilm
Full Time position
Listed on 2026-06-21
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 80000 - 100000 GBP Yearly
Job Description & How to Apply Below
Protect identities at global scale. We’re hiring a hands-on Senior Identity Protection Engineer/Specialist to lead detection, investigation, and response for identity-based threats across Microsoft Entra/Azure AD, on-prem Active Directory, and connected SaaS/IaaS. You’ll serve as the enterprise SME/administrator for CrowdStrike Identity Protection, tune high-fidelity detections, integrate dark web intelligence, and orchestrate automation that measurably reduces MTTD/MTTR and risk.

What you’ll do

Lead identity threat monitoring and triage

Operate and tune CrowdStrike Identity Protection; monitor SIEM/UEBA and identity telemetry for risks like impossible travel, atypical sign-ins, MFA fatigue, and session hijacking

Validate true/false positives, prioritize by business impact, and escalate per playbooks/SLAs

Drive rapid containment and remediation

Execute containment actions (disable accounts, revoke sessions/tokens, isolate hosts)
Coordinate remediation with IAM/Endpoint/Infrastructure; verify risk reduction to closure

Own identity-focused incident response

Lead IR for credential compromise, privilege escalation, directory persistence, and lateral movement

Ensure evidence handling, root cause analysis, post-incident reviews, and lessons learned

Engineer detections and hunt for threats

Build and refine detections and hunts across SIEM/EDR/identity platforms using KQL/SQL/regex/Sigma aligned to MITRE ATT&CK
Close visibility gaps, reduce false positives, and expand privileged activity monitoring

Strengthen privileged access controls

Detect anomalous privileged behavior via SIEM/UEBA and Netskope telemetry

Recommend/enforce JIT, break-glass patterns, and mover/leaver privilege hygiene with IAM

Respond to dark web/credential exposure

Integrate sources like CyberInt; assess exposure and targeted campaigns

Orchestrate takedowns, forced resets, token revocation, and Conditional Access updates

Administer platforms and sustain hygiene

Maintain coverage/health for identity monitoring; manage upgrades and changes via CAB
Keep operational runbooks, SOPs, and playbooks current

Automate and orchestrate at scale

Use PowerShell/Python and REST/Graph/CrowdStrike APIs (and SOAR where applicable) to automate enrichment and response, standardize workflows, and improve signal fidelity

Shape identity policy and controls

Advise on Conditional Access, MFA exceptions, SSO/SCIM patterns, and session controls under the shared-responsibility model with IAM

Report outcomes and support audits

Produce executive-ready dashboards and KPIs (identity incident volume, MTTD/MTTR, CA/MFA efficacy, exposure/takedown cycle time)
Maintain audit-ready evidence and support internal/external audits

What you’ll bring

Bachelor’s degree in Cybersecurity, Computer Science, IT, or related field; or equivalent practical experience
8+ years in IT/cybersecurity, including 3+ years focused on identity security/operations (Entra/Azure AD, on-prem AD, MFA, Conditional Access, SSO/SCIM)
Hands-on enterprise experience administering/operating CrowdStrike Identity Protection
Proficiency with SIEM/UEBA (Splunk preferred) and cloud security platforms (e.g., Netskope) for identity telemetry, detection, and investigations

Demonstrated experience in identity-centric IR, threat hunting, and detection engineering (KQL/SQL/regex/Sigma)
Scripting/automation with PowerShell and Python; experience with REST/Graph/CrowdStrike APIs and SOAR
Clear communication and documentation skills; comfortable producing executive-ready reports and audit evidence

Operates effectively within change control/CAB and under pressure during high-severity incidents

Bonus points

Certifications:

Microsoft SC-200/SC-300;
Okta Certified Administrator/Professional; CISSP, SSCP, Security+; GIAC (GMON, GCIH, GCDA) or equivalent

Deep knowledge of identity attack paths and protocols (Kerberos/NTLM), token/session abuse, and persistence techniques (e.g., Golden/Silver Ticket, DCShadow)

Experience with JIT/JEA, PAM concepts, and global on-call rotations

Location, work style, and travel

Opportunities in the United States, United Kingdom, and Denmark
Onsite or hybrid depending on location and business…
Position Requirements
10+ Years work experience