Location
Atlanta, Georgia, United States
Posted
July 04, 2026
Job Description
ESSENTIAL DUTIES AND RESPONSIBILITIES
Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.
Identify and define unauthorized access scenarios, including credential misuse, privilege escalation, and anomalous account behavior.
Develop and tune Splunk/CrowdStrike queries, correlation searches, and alerts to detect suspicious privileged activity.
Leverage CrowdStrike (or equivalent EDR tools) to monitor endpoint-level indicators of compromise, lateral movement, and misuse of elevated privileges.
Build and maintain detection use cases aligned with MITRE ATT&CK techniques related to identity and access abuse.
Correlate data from multiple sources (identity systems, logs, endpoints, cloud platforms) to identify potential threats.
Partner with Security Operation...