Principal Consultant, Restoration and Remediation
Jobgether · United States · 3 days ago
RemoteRemoteConsultingFull-time
Accountabilities
- Lead complex cybersecurity recovery initiatives while providing technical direction, strategic guidance, and operational leadership.
- Work closely with clients and internal teams to ensure effective recovery outcomes, improve response capabilities, and support long-term cyber resilience.
- Lead end-to-end restoration and remediation efforts for complex cyber incidents, including ransomware attacks, major breaches, and targeted compromises.
- Develop and execute technical recovery strategies across hybrid environments, including on-premises infrastructure, cloud platforms, and SaaS applications.
- Oversee the restoration and hardening of critical systems such as Active Directory, Azure AD, Microsoft 365, Exchange, VPNs, firewalls, MFA solutions, and backup platforms.
- Advise executive stakeholders, including technology leaders, legal teams, and insurance partners, on recovery strategies, timelines, risks, and resilience improvements.
- Cookordination recovery workstreams across cybersecurity, IT, legal, and insurance stakeholders to maintain alignment and technical accuracy.
- Serve as a technical escalation point, resolving complex challenges during high-pressure recovery engagements.
- Mentor consultants through technical coaching, project guidance, feedback, and professional development support.
- Create and review technical documentation, executive reports, recovery timelines, and post-incident lessons learned.
- Improve internal methodologies, tools, playbooks, and training resources to strengthen restoration and remediation capabilities.
- Support proactive cybersecurity services, including readiness assessments, tabletop exercises, and executive advisory engagements.
- Participate in after-hours incident response rotations when major security events require additional support.
Requirements
- Extensive cybersecurity, infrastructure, and incident response experience, combined with strong leadership skills and the ability to communicate effectively with both technical teams and executive stakeholders.
- Proven experience leading enterprise-scale recovery efforts following cybersecurity incidents, preferably in a consulting or client-facing environment.
- Strong technical expertise with Active Directory, Azure AD, Microsoft 365, Exchange, Group Policy, virtualization platforms such as VMware, Hyper-V, or Citrix, and enterprise backup solutions.
- Deep understanding of infrastructure recovery, network segmentation, identity restoration, endpoint security, and post-compromise remediation.
- Ability to design and execute remediation plans alongside DFIR, SOC, cloud, and infrastructure teams.
- Experience advising senior business, technical, legal, and insurance stakeholders during critical incidents.
- Strong written and verbal communication skills, including experience delivering executive-level updates and technical reports.
- Demonstrated ability to mentor and develop technical professionals within a team environment.
- Knowledge of attacker tactics, techniques, procedures (TTPs), and their impact on recovery planning.
- Relevant cybersecurity certifications such as CISSP, GCFA, MCSE, or OSCP are highly preferred.
- Strong problem-solving skills, adaptability, ownership mindset, and willingness to continuously learn new technologies and approaches.
Benefits
- Competitive compensation package and comprehensive total rewards program.
- Fully remote work environment.
- Generous paid time off policy and floating holidays.
- Paid parental leave.
- Employer-paid medical, dental, and vision insurance premiums for employees and dependents.
- Comprehensive benefits including 401(k) matching, disability coverage, flexible spending accounts (FSA), health savings account (HSA), life insurance, and AD&D coverage.
- Professional development opportunities and career advancement support.
- Ongoing coaching, feedback, recognition, and growth opportunities through structured performance management programs.