Infrastructure Recovery - Senior Engineer

Job Summary

As part of the Infrastructure Recovery team, this person applies their past experience building and administering a variety of enterprise technologies to help clients respond to and prevent cutting-edge cyber attacks.

This is a client-facing, hands-on-keyboard position. The candidate should be comfortable speaking at a high level about a number of technologies (e.g., server infrastructure, WAN/LAN networking, end user computing, collaboration tools, cloud computing) and willing to take on new challenges as they are presented.

The existing team is responsible both for assisting clients experiencing ransomware, data exfiltration, or nation-state attacks and for using their IR skills to help clients harden their infrastructure proactively. You will gain experience working with a wide variety of technologies and client types, and become deeply familiar with the world of cyber incident response.

About Us

We are a startup company founded by a cohesive group of former coworkers who saw a need in the market that was not being met. Although we are new on paper, we have been doing this work together for over 5 years and have a clear path for business growth. Moreover, we are 100% employee owned and are looking for people who are excited to help grow our business in a flexible role.


Skills & Qualifications

Required

  • 4+ years of experience administering or building enterprise IT environments
  • Comfortable communicating and presenting to clients

Preferred

  • Knowledge of current attack vectors and trends in cybersecurity
  • Bachelor’s Degree or equivalent experience in a STEM-related field
  • Relevant certifications (e.g., AWS Solutions Architect, Azure Administrator, VMware Certified Professional, CCNA)
  • Prior consulting experience
  • Prior experience with EDR, MDR and/or any SIEM tools
  • Ability to perform travel requirements as needed to meet business demands (up to 50%)
  • Located near Chicago or Cincinnati

Responsibilities

Incident Response Recovery

  • Review key systems to identify security concerns that should be remediated as part of containment and recovery efforts
  • Troubleshoot enterprise IT systems (e.g., Active Directory, email, server virtualization, end user computing, remote management monitoring tools) to restore functionality after ransomware attacks
  • Identify opportunities for scripting and automation to accomplish restoration tasks more quickly (e.g., password resets, tools deployment)
  • Conduct containment activities such as network segmentation, server rebuilds, and email migrations to ensure client systems are no longer impacted by the threat actor
  • Work with client resources to help identify restoration workstreams and distribute tasks among the team
  • Interact with internal and client key stakeholders to provide task and overall status updates on progress

Proactive Infrastructure Security Advisory

  • Use the knowledge applied in incident response engagements to define methodologies (e.g., scripts, operating procedures, frameworks) for proactive security reviews
  • Conduct secure infrastructure configuration reviews across the enterprise IT stack and assist clients in addressing concerns

Perks & Benefits

  • Work from home culture
  • Top tier benefits – Medical, Dental, Vision and 401(k) including company match as well as other benefits
  • Company-paid professional development and training 
  • Flexible PTO policy