ROLES & RESPONSIBILITIES
- Responds to Client, Counsel, Carrier (CCC) in accordance with Key Performance Indicators (KPIs) and urgency of requests
- Is solely responsible for the success, failure, and management of all team members’ activities and communications during the engagement
- Engagement Management (External):
- Leads the technical conversation and drives the direction and strategy of the engagement
- Educates the Client on how to make an informed decision
- Guides the Client on the importance of conducting a cost vs. benefit analysis
- Maintains accountability for accurate and timely password changes within 24 hours
- Builds the strategy for success and delivers it
- Assists client with developing and executing their recovery plans
- Establishes priorities for their IT and Arete engagement personnel
- Is the subject matter expert on various technologies, infrastructure, and engagement-specific items
- Tracks progress to completion
- Engagement Management (Internal):
- Communicates clearly and manages priorities by role ensuring each team member understands their tasks, values, and time to deliver
- Ensures project workstreams are being delivered on-time
- Monitors budget and team hours against allocated hours within the statement of work (SOW)
- Ensures daily time entry is complete within the project management tool for the team
- Ensures project budget is correct. Identifies potential overages and requests amendments when workstream budgets reach 75%, if necessary
- Ensures the engagement team is utilized to a blended 70%
- Easily identifies opportunities for add-on services to continue assisting Clients with Arete resources
- Ensures teams execute tasks successfully and validates work product quality
- Provides routine updates to CCC regarding overall engagement and action items
- Delivers to the Client on-time based on agreed upon service level agreement (SLA) and/or as needed
- Coaches and mentors junior team members
- Proposes tactics and strategies that impact overall processes
- May perform other duties as assigned by management
SKILLS AND KNOWLEDGE
- Excellent time management and organizational skills
- Widely recognized technical abilities
- Ability to teach others
- Proficiency with reading the room and adjusting conversational style accordingly.
- Ability to navigate difficult conversations effortlessly
- Expert at managing client expectations
- Ability to independently train, mentor, coach and lead team members globally and take ownership over their wins and losses
- Ability to lead projects with security implementations
- Thorough background or knowledge of network enterprise systems administration
- Thorough knowledge and understanding of operating systems and hardware architectures: Linux/Unix, Mainframe, Windows, Cloud, etc.
- Thorough knowledge and experience with core set of standard Industry technology and platforms and familiarity with cybersecurity tools. Hands-on not required but a plus
- Endpoint Detection and Response (EDR) solutions
- E-mail platforms: Microsoft Office (M365), On-premises Exchange, Google Workspace
- Anti-virus (AV) vendors
- Identity Access Management (IAM)/Zero Trust systems
- Disaster Recovery Plans
- Firewall and Virtual Private Network (VPN) platforms
- Remote access tools
- Knowledge of Enterprise architecture
- Network segmentation
- Cloud Provider Platforms:
- Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP)
- On-premises technologies, Physical and Virtual
- Servers, Firewalls, routers, storage, Security Information Event Management (SIEM), Multi-factor authentication
- DMZ configurations
- Thorough knowledge of containment, preservation, and acquisition of data within compromised IT environments
- Thorough knowledge of email servers: on-premises, cloud hosted, and third-party hosted
- Demonstrates deep understanding of configurations
- Understands how email servers connect to or authenticate with Active Directory (AD)
- Understands how to collect relevant logs from popular email services (Exchange, Exchange Online, Google Workspace, and M365)
- Familiarity with or knowledge of how to familiarize oneself with additional platforms as required
- Comfortable directing IT personnel to perform collection of required log information
- Knowledgeable with securing email platforms and directing IT administrators on proper configuration techniques
- Ability to establish priorities, work independently and proceed with objectives with minimal supervision
JOB REQUIREMENTS
- Minimum of 7 years conducting digital investigations or leading full-cycle incident response investigations for a major consulting firm or global IR company
- Bachelor's degree in a computer science related discipline and 8+ years related experience or Master's Degree and 6+ years related experience or J.D. and 4+ years related experience
- Minimum of 1 industry certification: GCFA, GCFE, GCIH, GISP, CISSP, Security+, MCSC, Network+, or equivalent
DISCLAIMER
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties and skills required of personnel so classified.
WORK ENVIRONMENT
While performing the responsibilities of this position, the work environment characteristics listed below are representative of the environment the employee will encounter: Usual office working conditions. Reasonable accommodation may be made to enable people with disabilities to perform the essential functions of this job.
PHYSICAL DEMANDS
- No physical exertion required
- Travel within or outside of the state
- Light work: Exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force as frequently as needed to move objects
TERMS OF EMPLOYMENT
Salary and benefits shall be paid consistent with Arete salary and benefit policy.
FLSA OVERTIME CATEGORY
Job is exempt from the overtime provisions of the Fair Labor Standards Act.
DECLARATION
The Arete Incident Response Human Resources Department retains the sole right and discretion to make changes to this job description.
EQUAL EMPLOYMENT OPPORTUNITY
We’re proud to be an equal opportunity employer and celebrate our employees’ differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
Arete Incident Response is an outstanding (and growing) company with a very dedicated, fun team. We offer competitive salaries, fully paid benefits including Medical/Dental, Life/Disability Insurance, 401(k) and the opportunity to work with some of the latest and greatest in the fast-growing cyber security industry.
When you join Arete…
You’ll be doing work that matters alongside other talented people, transforming the way people, businesses, and things connect with each other. Of course, we will offer you great pay and benefits, but we’re about more than that. Arete is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Arete, where experience matters.
What We Do
Arete is a global cyber risk company whose mission is to transform the way organizations prepare for, respond to, and prevent cybercrime. We are leaders in the cyber incident response business, having worked on thousands of matters since our inception in 2016. When clients engage Arete, they gain access to the world’s leading cybersecurity professionals — anywhere in the world — within hours, not days. We also work with organizations after a cyberattack to harden their systems and controls to help prevent future disruption.
We often partner with insurance carriers and their legal counsel in response to cyber insurance claims and are proud to work closely with these firms who are on the frontlines of keeping businesses and local governments up and running after cyberattacks.
We are a highly data-driven organization that uses the data we collect and the information we curate not only to improve outcomes for our clients but also inform new models and approaches for cyber risk mitigation and underwriting. We believe in the concept of “collective defense” of our economy, infrastructure, and livelihoods against cybercrime and actively work with law enforcement, government entities, and industry consortia to share our findings and best practices.
At Arete, we share a common passion, with uncompromising integrity in all that we do, to help our clients impacted by emerging issues in cybercrime. Through our rapid response and technical expertise, we have significantly reduced the financial impact and business interruption attributed to cyberattacks.