Dfir Jobs (NOW HIRING)

Location: Remote (USA)

Role: Full time / Exempt

Compensation: $90K-$110K, 20% Bonus

As a Senior Consultant in Restoration, you are a highly technical and motivated professional with extensive experience in assisting clients in recovering from cyber incidents, restoring compromised systems, and implementing effective remediation strategies. You thrive in fast-paced environments, collaborating closely with Digital Forensic and Incident Response (DFIR) teams, legal counsel, insurance carriers, and affected clients to ensure swift restoration services in parallel with forensics and incident response efforts. Your technical abilities and expertise make you a trusted advisor to clients seeking to enhance their overall cybersecurity posture.

This is a full-time remote opportunity, and you will perform a variety of restoration and recovery efforts while working closely with the Director of Restoration, Restoration team members, and the Digital Forensic and Incident Response team. They will play a critical role in post-incident recovery, working alongside the DFIR team to restore systems and secure infrastructures after cyber incidents. Through meticulous remediation efforts and application of technical expertise, they'll help clients regain operational stability and strengthen their defenses against future threats.

• Actively share knowledge with team members cultivating a culture of continuous learning, and staying up to date on industry trends, emerging threats, and best practices. 
• Build strong professional relationships and serve as a trusted advisor during client-facing incident response engagements, contributing your advanced knowledge and expertise to post-incident recovery efforts.
• Work closely with the DFIR team to assess and determine the scope and impact of cyber incidents.
• Utilize experience with Active Directory, Group Policy Objects, ADSI, Windows Security, replication, Azure Active Directory Connect, and other relevant technologies to restore compromised systems.
• Script and automate recovery processes using PowerShell and Windows command line tools.
• Leverage experience in hypervisor technologies such as VMware, Hyper-V, Citrix XenServer, and Nutanix Acropolis to restore virtualized environments.
• Work with various server hardware platforms including HP, Dell, Nutanix, and Cisco UCS.
• Utilize experience with storage vendors such as Dell EMC, NetApp, HP/Nimble, and Pure Storage to recover data and systems.
• Implement backup solutions such as Veeam, Backup Exec, Unitrends, and Zerto to ensure data recovery.
• Manage desktop operating systems and deployments, including Windows 7/8/10/11.
• Oversee enterprise messaging systems, including Exchange and M365.
• Handle server-based computing environments, including Citrix and Terminal Services.
• Leverage networking knowledge, including core switches, wireless access points, firewalls, and VPN configurations.
• Implement two-factor and multi-factor authentication services such as Okta, DUO, Microsoft Authentication, Ping, RSA, and others.
• Collaborate with internal teams, external partners, and clients to refine and document all restoration and recovery efforts, maintaining a clear and organized record of actions taken, lessons learned, and best practices. 
• Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage. 

• Bachelor's degree in information technology, computer science, related degree, or equivalent former professional experience as an IT Engineer, Systems Administrator, Cybersecurity Consultant, or related position.
• Previous DFIR and restoration experience in a consulting firm.
• Professionally skilled in the deployment and management of IT infrastructure, including Microsoft Exchange, M365, Microsoft Windows Server operating systems, and workstations.
• Expertise in various operating systems (Windows, Linux, MacOS) and their security features.
• Familiarity with cloud services.
• Experience in network administration.
• Experience configuring firewalls, VPN's, Active Directory, Exchange, Group Policy.
• Skilled at problem-solving and exhibits a high-level of attention to detail.
• Can effectively under pressure while maintaining professional composure.
• Excellent communication skills, both written and verbal, can explain technical concepts to non-technical audiences.
• Strong interpersonal skills, a team player mentality, and a client-centric mindset.
• Exceptional organizational skills and the ability to manage multiple competing priorities.

Expertise in all these areas is not required, but you should be excited by the opportunity to learn new things and comfortable with working with other team members to expand your knowledge base and experience. We at Surefire Cyber invite you to apply even if you do not feel you have mastery in all the requirements listed on the job description and welcome a further discussion.

• Submit interest and resume online
• Preliminary phone interview with the People Team (approx., 30 mins)
• Virtual/Teams interview with other R&R Consulting team members, (approx., 45 minutes)
• Virtual/Teams Interview with the Director of R&R (approx., 45 minutes)
• Virtual/Teams interview with the Chief Deliver Officer
• Virtual/Team interview with our CEO