$160 - $200k
10 days ago
- Lead Incident Response containment and remediation engagements with global organizations.
- Remediate, contain, and recover compromised environments.
- Conduct a coordinated recovery and remediation effort, including a large-scale restoration effort related to ransomware.
- Develop and assist clients in rapid architecture enhancements in order to protect against tools, tactics, and procedures used by identified threat actors.
- Provide guidance and support to clients concerning architecture enhancements and security stack optimization.
- Develop and present executive-level deliverables and reports that effectively communicate remediation strategies and workstreams.
- A minimum of 5 years of hands-on experience in cyber security (operations or engineering).
- Knowledge of at least three of the following areas:
  - Experience as a system administrator or network engineer in an enterprise environment.
  - Expertise in enterprise security controls for Active Directory/Windows environments.
  - Best practices for the management of privileged access.
  - Windows and Unix endpoint hardening and security control enforcement.
  - Knowledge of application whitelisting and host-based restrictions.
  - Implementation and enforcement of technologies such as Credential Guard and Device Guard.
  - Knowledge of enterprise networking and network segmentation.
  - Experience installing and managing both network-based and host-based firewalls.
  - The development and implementation of logging configurations for network devices, Windows and Unix endpoints.
- Experience in consulting is an advantage.
- Outstanding communication abilities, including the ability to communicate effectively during a crisis in a global environment.