Identity and Threat Detection Engineer

Overview

On Site
USD60 - USD80
Contract - W2


Job Details

job summary:

Our client has a long-term hybrid position to provide Identity and Threat Detection support in an enterprise environment.


In office 3 days a week


Must be local


W2 Only ** No Corp to Corp **




location: Edison, New Jersey

job type: Contract

salary: $60 - 80 per hour

work hours: 8am to 5pm

education: No Degree Required



responsibilities:

Identity and Account Assurance



  • AAMPS Expired/Overdue Passwords
  • Active Directory Health/Cleanup
  • Stale accounts
  • Computer objects that were retired but still in AD
  • Accounts that haven't logged in in a year
  • Service accounts
    • Are they in the right groups?
    • Are they over-provisioned?
    • Do they have interactive login?
      • If they do, do they need it?
    • Are they scoped to the right machines?
    • Are they in the right password policy group?
    • Duo?
    • Is the service account used in the right spot (e.g., Cognos account used elsewhere)?
    • Cross-contamination (dev used in prod)



Threat Monitoring and Detection Engineering



  • Red Flags (including responses back to CAs with templates)
  • Threat Command Alerts
  • New Splunk Use Cases - detections
  • Canary Alerts
  • Extrahop Alerts
  • CrowdStrike Identity Alerts


Threat Intelligence and Vulnerability Management



  • Threat Intelligence (applicable vulnerabilities or news)
  • BloodHound
  • PingCastle
  • Outdated Applications


Access and Privilege Management



  • Local admin cleanup for workstations and servers
  • Azure AD duplicated credentials


Optimization and Low-Priority Tasks



  • Long tail analysis
    • Examine all apps installed at the firm
    • Look at bottom 25 and where and why they are installed







qualifications:


  • 3-5+ years of experience in cybersecurity or infrastructure roles
  • Hands-on experience with:
    • Active Directory & Azure AD administration
    • Identity lifecycle processes
    • SIEM platforms (especially Splunk)
    • EDR tools like CrowdStrike
    • Threat analysis tools (Canary, Extrahop, BloodHound)

  • Experience responding to security alerts, red flags, and audits
  • Practical knowledge of security frameworks (MITRE ATT&CK, NIST, CIS)


skills:

  • Active Directory
  • Threat Command Alerts
  • Splunk
  • CrowdStrike
  • BloodHound
  • PingCastle
  • Azure






Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.


Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.