Portfolio Jobs

We couldn’t be more proud to partner with these companies securing the way people live and work.

Senior Consultant, Restoration and Remediation

Surefire Cyber

Surefire Cyber

Marketing & Communications
Elkridge, MD, USA
Posted 6+ months ago

Job Title: Senior Consultant, Restoration

Location: Remote (USA)

Role: Full time

Compensation: $60K-$110K

About Surefire Cyber

Surefire Cyber delivers swift, strong responses to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats with end-to-end response capabilities. We provide clients confidence by helping them prepare, respond, and recover from cyber incidents—and to fortify their cyber resilience after an incident.

About You

As a Senior Consultant in Restoration, you are a highly technical and motivated professional with extensive experience in assisting clients in recovering from cyber incidents, restoring compromised systems, and implementing effective remediation strategies. You thrive in fast-paced environments, collaborating closely with Digital Forensic and Incident Response (DFIR) teams, legal counsel, insurance carriers, and affected clients to ensure swift restoration services in parallel with forensics and incident response efforts. Your technical abilities and expertise make you a trusted advisor to clients seeking to enhance their overall cybersecurity posture.

Job Description

Surefire Cyber is actively seeking a Senior Consultant in Restoration to join our growing team. This is a full-time remote opportunity, and you will perform a variety of restoration and recovery efforts while working closely with the Director of Restoration, Restoration team members, and the Digital Forensic and Incident Response team.

Core Responsibilities

  • Actively share knowledge with team members cultivating a culture of continuous learning, and staying up to date on industry trends, emerging threats, and best practices.
  • Build strong professional relationships and serve as a trusted advisor during client-facing incident response engagements, contributing your advanced knowledge and expertise to post-incident recovery efforts.
  • Work closely with the DFIR team to assess and determine the scope and impact of cyber incidents.
  • Utilize experience with Active Directory, Group Policy Objects, ADSI, Windows Security, replication, Azure Active Directory Connect, and other relevant technologies to restore compromised systems.
  • Script and automate recovery processes using PowerShell and Windows command line tools.
  • Leverage experience in hypervisor technologies such as VMware, Hyper-V, Citrix XenServer, and Nutanix Acropolis to restore virtualized environments.
  • Work with various server hardware platforms including HP, Dell, Nutanix, and Cisco UCS.
  • Utilize experience with storage vendors such as Dell EMC, NetApp, HP/Nimble, and Pure Storage to recover data and systems.
  • Implement backup solutions such as Veeam, Backup Exec, Unitrends, and Zerto to ensure data recovery.
  • Manage desktop operating systems and deployments, including Windows 7/8/10/11.
  • Oversee enterprise messaging systems, including Exchange and M365. • Handle server-based computing environments, including Citrix and Terminal Services.
  • Leverage networking knowledge, including core switches, wireless access points, firewalls, and VPN configurations.
  • Implement two-factor and multi-factor authentication services such as Okta, DUO, Microsoft Authentication, Ping, RSA, and others.
  • Collaborate with internal teams, external partners, and clients to refine and document all restoration and recovery efforts, maintaining a clear and organized record of actions taken, lessons learned, and best practices.
  • Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.

Requirements

  • Bachelor’s degree in information technology, computer science, related degree, or equivalent former professional experience as an IT Engineer, Systems Administrator, Cybersecurity Consultant, or related position.
  • Previous DFIR and restoration experience in a consulting firm.
  • Professionally skilled in the deployment and management of IT infrastructure, including Microsoft Exchange, M365, Microsoft Windows Server operating systems, and workstations.
  • Expertise in various operating systems (Windows, Linux, MacOS) and their security features.
  • Familiarity with cloud services.
  • Experience in network administration.
  • Experience configuring firewalls, VPN’s, Active Directory, Exchange, Group Policy.
  • Skilled at problem-solving and exhibits a high-level of attention to detail.
  • Can effectively under pressure while maintaining professional composure.
  • Excellent communication skills, both written and verbal, can explain technical concepts to non-technical audiences.
  • Strong interpersonal skills, a team player mentality, and a client-centric mindset.
  • Exceptional organizational skills and the ability to manage multiple competing priorities.

Expertise in all these areas is not required, but you should be excited by the opportunity to learn new things and comfortable with working with other team members to expand your knowledge base and experience. We at Surefire Cyber invite you to apply even if you do not feel you have mastery in all the requirements listed on the job description and welcome a further discussion.

Interview Process

  • Submit interest by applying to the job posting or resume to careers@surefirecyber.com
  • Preliminary phone interview with the Chief People Officer (approx., 30 minutes)
  • Virtual interview with hiring leader/Director of Restoration (approx., 45 minutes)
  • Virtual interview with other Restoration Consulting team members, (approx., 45 minutes)
  • Virtual interview mock scenario with Engagement Lead (approx., 45 minutes)
  • Virtual interview with the Chief Delivery Officer (approx., 30 minutes)
  • Virtual interview with the Chief Executive Officer (CEO) (approx., 30 minutes)

Benefits of Joining Surefire Cyber

  • Competitive pay and equity for all employees.
  • Remote work options.
  • Flexible PTO (Paid Time Off), holiday, and paid parental leave for all employees.
  • Comprehensive health, vision, dental, 401K matching program, disability, FSA (Flexible Spending Accounts), HSA (Health Savings Account) (Health Savings Account), Life and AD&D benefits.

Surefire Cyber is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex, or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances.