Cybersecurity Specialist

Job Summary

The Cybersecurity Specialist will work with an incident response engagement team to assist the Engagement Lead and manage the restoration tasks to ensure the successful forensic investigation and restoration of clients from network intrusions. This role is responsible for managing technical tasks and resources and staying up to date on best practices and emerging trends of cyber-attacks. The ideal candidate will have a strong background in IT operations and administration, as well as experience with incident response and forensic analysis.

Key Responsibilities

Partners with the Engagement Lead to manage the overall technical tasks during an engagement
Assists the Client with the completion of immediate actions
Assists the Client with SentinelOne (S1) agent installation and troubleshooting
Ensures data preservation steps are taken and assists with forensic collections
Manages Infrastructure Recovery/Restoration and Decryption/Remediation efforts
Reviews backup solutions and assists with the validation of backups
Consults on the resolution of all technical issues such as EDR deployment, troubleshooting, forensics collections, and onsite restoration
Ensures the Strategic Plan contains comprehensive technical details and identifies additional technical resources based on Strategic Plan task list and milestones set by the Engagement Lead
Serves as an internal expert on the entire engagement lifecycle and portfolio of services at a technical level
Serves as an escalation point for Technical Advisor, Engineer, and Technician positions for both technical and non-technical issues
Ensures all activities, findings, and hourly time are properly documented
Backfills the Engagement Lead as needed on kickoff calls and daily update calls, etc. and may also fill in for other team members such as SOC or Forensics, depending on their experience and skillset
Interfaces with the client's technical team members, outside technical teams, the Engagement Lead, the Project Manager and other Arete Teams to ensure the overall technical success of the engagement
Clearly articulates technical recommendations for enhancing client cybersecurity and/or IT infrastructure both verbally and in writing (as directed by Counsel)
May train or mentor other technical roles
Identifies and escalates underperforming team members to help expedite Client recovery efforts and identify mentoring opportunities
Prioritizes, actions upon, and delegates instructions and tasks provided by the Engagement Lead
May perform other duties as assigned by management

Requirements

A Bachelors/technical degree and 6 years of experience relevant experience working in IT operations and administrating IT systems, or equivalent experience
Technical Certifications, Cisco Networking, Security +, Microsoft Server/Azure, etc., preferred

Preferred Skills

Advanced knowledge of multiple technologies: Multi-factor Authentication, Storage solutions, Hypervisors, Operating Systems, Networking, System Administration, Remote Monitoring and Management tools (RMMs), Log Aggregation and Collections, etc.
Thorough knowledge in at many of the following areas: virtualization, Windows Server, Linux/Unix, LDAP/Active Directory, DNS, networking, firewalls, DMZ, scripting/PowerShell, cloud solutions (Azure, AWS, etc), Microsoft 365, information security, SaaS integrations, MDM, SIEM platforms, MFA, RMM
Ability to align tasks with the larger objective of the project engagement process
Previous experience rebuilding applications and custom Windows servers as well as domain controllers and verifying correct operations
Ability to work onsite or during non-business hours, etc.

Work Environment

While performing the responsibilities of this position, the work environment characteristics listed below are representative of the environment the employee will encounter: Usual office working conditions. Reasonable accommodation may be made to enable people with disabilities to perform the essential functions of this job.

Physical Demands

No physical exertion required. Travel within or outside of the state.

Light Work

Exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force as frequently as needed to move objects

---