Senior Identity Protection Specialist

Senior Identity Protection Specialist

Full-Time 60000 - 80000 £ / year (est.) No working from home possible
Fujifilm UK

At a Glance

  • Tasks: Protect identities globally by leading detection and response for identity threats.
  • Company: Join a forward-thinking tech company dedicated to cybersecurity.
  • Benefits: Enjoy competitive pay, health coverage, and a supportive work-life balance.
  • Other info: Opportunities for growth in a dynamic, data-driven environment.
  • Why this job: Make a real impact on identity security while solving complex challenges.
  • Qualifications: 8+ years in IT/cybersecurity with a focus on identity security.

The predicted salary is between 60000 - 80000 £ per year.

Position Overview

Protect identities at global scale.

We're hiring a hands‑on Senior Identity Protection Engineer/Specialist to lead detection, investigation, and response for identity‑based threats across Microsoft Entra ID/Azure AD, on‑prem Active Directory, and connected Saa S/Iaa S.

You'll serve as the enterprise SME/administrator for Crowd Strike Identity Protection, tune high‑fidelity detections, integrate dark web intelligence, and orchestrate automation that measurably reduces MTTD/MTTR and risk.

  • What you’ll do
  • Lead identity threat monitoring and triage
  • Operate and tune Crowd Strike Identity Protection; monitor SIEM/UEBA and identity telemetry for risks like impossible travel, atypical sign‑ins, MFA fatigue, and session hijacking
  • Validate true/false positives, prioritize by business impact, and escalate per playbooks/SLAs
  • Drive rapid containment and remediation
  • Execute containment actions (disable accounts, revoke sessions/tokens, isolate hosts)
  • Coordinate remediation with IAM/Endpoint/Infrastructure; verify risk reduction to closure
  • Own identity‑focused incident response
  • Lead IR for credential compromise, privilege escalation, directory persistence, and lateral movement
  • Ensure evidence handling, root cause analysis, post‑incident reviews, and lessons learned
  • Engineer detections and hunt for threats
  • Build and refine detections and hunts across SIEM/EDR/identity platforms using KQL/SQL/regex/Sigma aligned to MITRE ATT&CK
  • Close visibility gaps, reduce false positives, and expand privileged activity monitoring
  • Strengthen privileged access controls
  • Detect anomalous privileged behavior via SIEM/UEBA and Netskope telemetry
  • Recommend/enforce JIT, break‑glass patterns, and mover/leaver privilege hygiene with IAM
  • Respond to dark web/credential exposure
  • Integrate sources like Cyber Int; assess exposure and targeted campaigns
  • Orchestrate takedowns, forced resets, token revocation, and Conditional Access updates
  • Administer platforms and sustain hygiene
  • Maintain coverage/health for identity monitoring; manage upgrades and changes via CAB
  • Keep operational runbooks, SOPs, and playbooks current
  • Automate and orchestrate at scale
  • Use Power Shell/Python and REST/Graph/Crowd Strike APIs (and SOAR where applicable) to automate enrichment and response, standardize workflows, and improve signal fidelity
  • Shape identity policy and controls
  • Advise on Conditional Access, MFA exceptions, SSO/SCIM patterns, and session controls under the shared‑responsibility model with IAM
  • Report outcomes and support audits
  • Produce executive‑ready dashboards and KPIs (identity incident volume, MTTD/MTTR, CA/MFA efficacy, exposure/takedown cycle time)
  • Maintain audit‑ready evidence and support internal/external audits
  • What you’ll bring
  • Bachelor’s degree in Cybersecurity, Computer Science, IT, or related field; or equivalent practical experience
  • 8+ years in IT/cybersecurity, including 3‑5+ years focused on identity security/operations (Entra ID/Azure AD, on‑prem AD, MFA, Conditional Access, SSO/SCIM)
  • Hands‑on enterprise experience administering/operating Crowd Strike Identity Protection
  • Proficiency with SIEM/UEBA (Splunk preferred) and cloud security platforms (e. g., Netskope) for identity telemetry, detection, and investigations
  • Demonstrated experience in identity‑centric IR, threat hunting, and detection engineering (KQL/SQL/regex/Sigma)
  • Scripting/automation with Power Shell and Python; experience with REST/Graph/Crowd Strike APIs and SOAR
  • Clear communication and documentation skills; comfortable producing executive‑ready reports and audit evidence
  • Operates effectively within change control/CAB and under pressure during high‑severity incidents
  • Bonus points
  • Certifications: Microsoft SC‑200/SC‑300; Okta Certified Administrator/Professional; CISSP, SSCP, Security+; GIAC (GMON, GCIH, GCDA) or equivalent
  • Deep knowledge of identity attack paths and protocols (Kerberos/NTLM), token/session abuse, and persistence techniques (e. g., Golden/Silver Ticket, DCShadow)
  • Experience with JIT/JEA, PAM concepts, and global on‑call rotations
  • Location, work style, and travel

Opportunities in the United States, United Kingdom, and Denmark. Onsite or hybrid depending on location and business needs. Occasional on‑call coverage may be required.

  • Why you’ll love it here
  • Own a mission‑critical identity defense stack and make measurable impact on MTTD/MTTR and privilege hygiene
  • Solve complex problems from dark web exposure to directory persistence and lateral movement
  • Collaborate with experienced global teams and leading vendors to continuously raise the bar
  • Grow your career in a modern, data‑driven security operations environment

Benefits

  • Medical, dental, vision, and prescription drug coverage with optional Health Savings Account and company contributions
  • Industry‑leading 401(k) savings plan with employer match
  • Insurance coverage, employee assistance programs, and wellness incentives
  • Paid vacation time, sick time, and company holidays; support for work‑life balance
  • EEO Information

FUJIFILM is committed to providing equal opportunities in hiring, promotion and advancement, compensation, benefits, and training regardless of nationality, age, gender, sexual orientation or gender identity, race, ethnicity, religion, political creed, ideology, national or social origin, disability, veteran status, etc.

ADA Information

If you require reasonable accommodation in completing this application, interviewing, completing any pre‑employment testing, or otherwise participating in the employee selection process, please direct your inquiries to our HR Department (fdbglobaltalent@fujifilm. com).

  • Job Locations: UK – Durham – Billingham
  • #J-18808-Ljbffr

Senior Identity Protection Specialist employer: Fujifilm UK

At FUJIFILM, we pride ourselves on being an exceptional employer, offering a dynamic work environment where you can make a significant impact on identity protection at a global scale. Our collaborative culture fosters innovation and professional growth, supported by comprehensive benefits including medical coverage, a robust 401(k) plan, and generous paid time off to ensure a healthy work-life balance. Join us in Durham, where you'll work alongside experienced teams and leading vendors, tackling complex challenges while advancing your career in a modern, data-driven security operations setting.

Fujifilm UK

Contact Details:

Fujifilm UK Recruitment Team

We think you need these skills to ace Senior Identity Protection Specialist

Identity Protection
CrowdStrike Identity Protection
SIEM/UEBA
KQL
SQL
Regex
Sigma