Exposure Intelligence Analyst – Endpoint & Identity; EDR/AD-Entra/PAM/MFA
Listed on 2026-07-03
-
IT/Tech
Cybersecurity
Overview
Exposure Intelligence Analyst – Endpoint & Identity (EDR / AD‑Entra / PAM / MFA). The SME is responsible for identifying and prioritizing exposure risk across endpoints and identity systems, including EDR posture, AD/Entra configurations, PAM, MFA enforcement, and device posture. The role focuses on the most common real‑world attacker pathways by combining identity‑centric exposure intelligence with endpoint realities and partnering closely with identity and endpoint engineering owners.
Key Responsibilities- Convert endpoint/identity signals into exploitability‑aware exposure intelligence.
- Identify chained attack paths such as endpoint compromise, credential theft, privilege escalation, and lateral movement.
- Produce clear remediation plans; support validation and closure tracking.
- Own SME coverage for identity controls and endpoint posture: address MFA gaps, privilege pathways, stale accounts, insecure configurations, weak conditional access policies, and device compliance gaps.
- Identify systemic identity risks including excessive privileges, weak authentication flows, misconfigured policies, and high‑risk administrative surfaces.
- Partner with IAM and endpoint teams to implement durable corrective actions.
- At least 3 years of experience in identity security, endpoint security, security operations, or exposure management.
- Working knowledge of AD/Entra fundamentals, MFA/PAM concepts, and endpoint control posture.
- Ability to describe attacker identity tradecraft and prioritize based on exploitability.
- Deep experience with endpoint platforms (Windows 10/11, macOS) and identity systems (Active Directory, Entra ).
- Experience with identity telemetry, privilege analysis, and identity attack path concepts.
- Automation skills using Power Shell, KQL, or Python for evidence gathering and validation.
Annual salary range: $ – $, based on experience and qualifications.
Additional InformationCandidates will be required to submit to a background investigation.
Allstate does not sponsor individuals for employment‑based visas for this position.
Equal Employment OpportunityAllstate is an equal opportunity employer. We are committed to a workplace where all employees and applicants are treated fairly and with respect, and we are proud to offer major opportunities for people of all backgrounds. Discrimination or harassment on the basis of race, color, national origin, gender, sexual orientation, gender identity, religion, age, … [the full non‑discriminatory statement continues here]
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).