Taking identity security where it has never gone before.

Silverfort

Threat Hunting & Incident Response Lead - Identity

Posted 4 Hours Ago
Remote
Hiring Remotely in United States
Senior level
Lead the Identity Threat Hunting & Incident Response team, focusing on advanced identity threats, incident response investigations, and detection engineering in hybrid environments.
The summary above was generated by AI
Description

Silverfort is a cyber-security startup that develops a revolutionary identity protection platform. Using patented technology, our product enables strong authentication across entire corporate networks and cloud environments, without any modifications to endpoints and servers. In addition, we use advanced behavior analytics to apply adaptive authentication policies and prevent cyber-attacks in real time.

Our mission is to provide industry-leading unified identity protection solutions for hybrid and multi-cloud environments. We develop cutting-edge cybersecurity technology that solves urgent customer needs today and is also a game changer for years to come.

Silverfort’s team includes exceptional researchers, engineers, and technology experts who successfully tackle some of the most complex challenges in cyber-security. Silverfort has happy customers worldwide, strong market validation (including several industry awards), strategic partnerships with the largest security vendors in the world, and significant funding from leading VCs.

We’re looking for a founding member of our Identity Threat Hunting & Incident Response (IR) team: a rare opportunity to define and lead a capability focused on uncovering and stopping sophisticated identity-based threats where traditional security tools fall short.

While most threat hunters focus on endpoints, networks, or malware, your mission will be to track adversaries through identity systems, from Active Directory and cloud IdPs to authentication and authorization flows across hybrid environments. You’ll lead investigations into real-world intrusions, build detection strategies, simulate advanced identity attacks, and work directly with global enterprises to secure their most critical access pathways.

This role combines deep, hands-on technical investigation with high-impact strategic work. You’ll leverage behavioral analytics, authentication telemetry, and large-scale identity data to detect stealthy campaigns. You’ll also help shape detection logic, improve investigative capabilities, and contribute thought leadership through attack simulations, research, and direct customer engagement.


Responsibilities

Identity Threat Hunting

  • Proactively hunt for advanced identity threats by analyzing authentication patterns, access anomalies, and behavioral signals across on-prem and cloud environments
  • Build detection hypotheses and validate them using SQL, Python, and large-scale behavioral data (Snowflake, Pandas, etc.)
  • Uncover stealthy campaigns involving credential misuse, session hijacking, abuse of trust relationships, and identity-based lateral movement

Incident Response Leadership

  • Lead high-impact investigations involving Active Directory, Azure AD, cloud IdPs, and SaaS identity systems
  • Deliver comprehensive IR support, from triage and containment to root cause analysis and remediation planning
  • Collaborate closely with customer teams to respond to identity intrusions across complex enterprise environments

Detection Engineering & R&D

  • Simulate identity-based attacks (e.g., token theft, OAuth abuse, SAML manipulation) to stress-test security controls and generate detections
  • Contribute detection logic, investigation playbooks, and forensic methodologies aligned to the MITRE ATT&CK framework
  • Work with engineering teams to enhance telemetry, automate investigations, and improve product capabilities

Business Development

  • Partner with sales and customer success teams to deliver live threat assessments, demonstrate platform value, and support technical conversations during pre-sales
  • Assist in shaping the go-to-market strategy for identity security services and incident response offerings
  • Represent the company in strategic customer engagements, offering expert insights on identity security risks and mitigation

Requirements
  • 4+ years of hands-on Incident Response experience, with expertise in containment, forensics, and remediation
  • Deep understanding of identity systems and protocols (AD, Azure AD, Okta, SAML, OAuth, Kerberos, etc.)
  • Experience with identity-focused threats and the TTPs adversaries use to exploit authentication and authorization processes
  • Strong skills in data-driven investigation using tools like SQL, Python (Pandas), and modern data platforms (e.g., Snowflake)

Strongly Preferred

  • Experience in leading threat hunting or IR teams and developing new detection methodologies
  • Familiarity with industry tools: SIEM, EDR, identity posture management, and SOAR platforms
  • Publicly shared research, blogs, or talks on identity-based threats
  • Ability to work cross-functionally with product, engineering, and business teams

Top Skills

Active Directory
Azure AD
EDR
Kerberos
OAuth
Okta
Pandas
Python
SAML
SIEM
Snowflake
SOAR
SQL
