DFIR Recovery Specialist

The Role:

We seek an experienced Incident Response Recovery Specialist to join the At-Bay Response & Recovery team. The IR Recovery Specialist will support the Response & Recovery remediation team and report to our Incident Response Engineer.

Responsibilities:

• Accountable for overseeing, measuring, and driving efforts to systematically increase the maturity and effectiveness of cyber security incident response and recovery processes, setups, and controls for At-Bay’s Response and Recovery Team.
• Gains and helps maintain an end-to-end understanding of relevant client landscape (networks, endpoints, platforms, applications, dependencies, cloud services, on-premise setups, etc.).
• Engages with global and local operational Security & IT teams, collaborates closely with all relevant functions across the client base, and consults with external experts & stakeholders.
• Provides deep security expertise in the context of reviews of detection measures, post-mortem analysis of cyber incident responses, and IT recovery exercises; supports and helps coordinate major real cyber security events.
• Provides assurance & evidence for the formal security control objectives in this area and contributes accordingly to the overall needs of At-bay’s clients.
• Identifies gaps in detection, response, recovery controls, and details and drives security risk reduction activities.

In this role, we value:

• Great educational background, preferably in the fields of computer science or engineering for technical project managers.
• Proven working experience as a project administrator in the information technology sector.
• Solid technical background, with understanding or hands-on experience in Windows, Linux, and OSX
• Excellent client-facing and internal communication skills.
• Excellent written and verbal communication skills.
• Solid organizational skills, including attention to detail and multi-tasking skills.

Required Skills:

• Install/Replace, configure, and optimize network hubs, routers, and switches (e.g., higher-level protocols, tunneling).
• Develop and implement network backup and recovery procedures.
• Diagnose network connectivity problems.
• Implement new system design procedures, test procedures, and quality standards.
• Install and maintain network infrastructure device operating system software (e.g., windows OS,
• virtual machines).
• Experience working with and securing perimeter security devices (e.g., Firewalls, VPNs)Integrate
• new systems into existing network architecture.
• Monitor network capacity and performance.
• Skill in writing code in a currently supported programming language (e.g., Java, Python,
• PowerShell).
• Patch network vulnerabilities to ensure that information is safeguarded against outside parties.
• Provide feedback on network requirements, including network architecture and infrastructure.
• Test and maintain network infrastructure, including software and hardware devices.
• An understanding of forensic data collection tools and procedures is a plus.

Work location:

•  USA, Remote