The Senior Remediation Engineer has a minimum of 5 years’ experience conducting full lifecycle data breach investigations and restoring and building systems. The Engineer will provide support during and after the reporting of a cyber event and will work closely with BinaryLab’s Directors through the restoration process to collect forensic artifacts, re-image workstations, re-build server environments, re-configure network resources, and support all IT-related tasks to mitigate risk and operational down time.
The Senior Remediation Engineer should be able to effectively guide clients and 3rd party stakeholders under pressurized situations, have excellent communication skills, and possess a strong desire for process improvement through creating tailored solutions unique to our clients.
Primary duties include:
Act as a senior member of the BinaryResponse remediation team and a key player in overall operations for BinaryResponse engagements.
Build relationships with and win the confidence of clients by working to understand their businesses and assisting in identifying and mitigating risks within their IT infrastructure.
Lead and collaborate custom rebuilding of network resources.
Assess emerging and current security threats to adapt to the full lifecycle of a cyber incident, including triage, data collection, enumerating the environment, rebuilding systems, and returning to steady-state operations.
Lead the restoration, recovery, configuration, and troubleshooting of networks and general IT capabilities.
Promote new domain controllers, seize Flexible Single Master Operations (FSMO) roles, troubleshoot DNS, and rebuild System Volumes (SYSVOL) and Distributed File System Replication (DFSR) or File Replication Service (FRS) to mitigate a client’s operational down time and security threat.
Assess Active Directory/Exchange administration from servers 2010 onwards to sufficiently rebuild and recover client servers.
Utilize recover server switch on setup, rebuild virtual directories, and repair and recover client databases to restore a client’s infrastructure to optimal performance.
Review security appliances and system architecture, including firewalls, VPNs, Active Directory, Group Policy, Linux, and Windows systems for system breaches.
Develop tailored solutions for BinaryResponse clients with the intent to improve a customer’s security posture and compliance.
Provide analytical findings and professional guidance to help customers re-establish business operations.
Support Windows workstations and applications.
Travel to client sites to deliver professional services as needed (up to 30%).
Able to respond to inquiries and work beyond normal business hours.
Other duties as assigned.
The candidate must possess these abilities:
Demonstrate a positive, professional attitude and a desire to advance.
Demonstrate a growth oriented, strategic, and technical skillset.
Follow firm procedures and policies.
Take ownership of assigned projects, including communicating the status and progress of those projects and completes within timeframe.
Demonstrate a desire to grow the business by identifying cross-sell and up-sell opportunities with prospects and clients.
Exhibit a team-player mentality but is capable of leading and augmenting technical teams.
Actively seek work and communicates availability to manager.
Possess excellent verbal and written communication to deliver to technical and non-technical audiences.
Request and learn from feedback.
Help to maintain a professional and team-oriented environment.
Bachelor’s degree from an accredited institution in Computer Science or related area, or with equivalent work, or military experience.
Experience with one, some, or all the following frameworks: NIST Cybersecurity Framework, Cybersecurity Maturity Model Certification, HIPAA, HITECH, and PCI.
Experience with virtual computing concepts, including hypervisors (ESXI/ VMWare Hyper-V).
Information security certifications (CISSP) preferred.
Consulting experience within digital forensics or incident response preferred.