Posted:
8/15/2024, 5:00:00 PM
Location(s):
Florida, United States ⋅ Boca Raton, Florida, United States
Experience Level(s):
Mid Level ⋅ Senior
Field(s):
IT & Security
Workplace Type:
Hybrid
SUMMARY
The Technical Advisor works with an incident response engagement team to assist the Engagement Lead and manages the restoration tasks to ensure the successful forensic investigation and restoration of clients from network intrusions. The Technical Advisor is the technical engagement leader for the Tiger Team and is accountable for providing deeper technical expertise. This role is responsible for managing technical tasks and resources and staying up to date on best practices and emerging trends of cyber-attacks. This is a hands-on, technical role that requires working and communicating effectively with both internal team members and external clients.
ROLES AND RESPONSIBILITIES
Partners with the Engagement Lead (EL) to manage the overall technical tasks during an engagement
Assists the Client with the completion of immediate actions
Assists the Client with SentinelOne (S1) agent installation and troubleshooting
Ensures data preservation steps are taken and assists with forensic collections
Manages Infrastructure Recovery/Restoration and Decryption/Remediation efforts
Reviews backup solutions and assists with the validation of backups
Consults on the resolution of all technical issues such as EDR deployment, troubleshooting, forensics collections, and onsite restoration
Ensures the Strategic Plan contains comprehensive technical details and identifies additional technical resources based on Strategic Plan task list and milestones set by the EL
Serves as an internal expert on the entire engagement lifecycle and portfolio of services at a technical level
Serves as an escalation point for Technical Advisor, Engineer, and Technician positions for both technical and non-technical issues
Ensures all activities, findings, and hourly time are properly documented
Backfills the EL as needed on kickoff calls and daily update calls, etc. and may also fill in for other team members such as SOC or Forensics, depending on their experience and skillset
Interfaces with the client's technical team members, outside technical teams, the EL, the Project Manager and other Arete Teams to ensure the overall technical success of the engagement
Clearly articulates technical recommendations for enhancing client cybersecurity and/or IT infrastructure both verbally and in in writing (as directed by Counsel)
May train or mentor other technical roles
Identifies and escalates underperforming team members to help expedite Client recovery efforts and identify mentoring opportunities
Prioritizes, actions upon, and delegates instructions and tasks provided by the EL
May perform other duties as assigned by management
SKILLS AND KNOWLEDGE
General knowledge of the Incident Response lifecycle and the tools and processes leveraged over the entire engagement
Ability to communicate technical subject matter to a non-technical audience
Sufficient knowledge of all Arete core offerings, processes, and internal/proprietary tools
Ability to lead projects with multiple stakeholders and resolve conflicts
Strong influential leadership and interpersonal skills, professional presence and experience collaborating with peers on remote teams
Strong communication and problem-solving skills
Customer service focused with proven ability to manage multiple priorities • Innovative and creative thinking skills
Previous experience scripting for automation (PowerShell, Bash, Python)
Familiarity with industry standard incident response and forensics threat hunting software and toolsets
Working knowledge of networking to include DHCP, DNS, Subnetting, VLANs, and authentication, and the ability to troubleshoot and resolve issues
General knowledge of data encryption technologies
Ability to read and understand basic network diagrams
Familiarity with small to large size network and systems environments
Basic experience identifying persistence mechanisms and developing client specific remediation steps
Experience with basic collections and troubleshooting basic collection methods (ie. powered on VM with space constraints)
Experience setting up, configuring, and troubleshooting backup and restore operations
Data recovery experience, basic understanding of data structures, file system formats, RAID configurations, and storage configurations
DISCLAIMER
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all responsibilities, duties and skills required personnel so classified.
JOB REQUIRMENTS
A Bachelors/technical degree and 6 years of experience relevant experience working in IT operations and administrating IT systems, or equivalent experience.
Technical Certifications, Cisco Networking, Security +, Microsoft Server/Azure, etc., preferred
Advanced knowledge of multiple technologies: Multi-factor Authentication, Storage solutions, Hypervisors, Operating Systems, Networking, System Administration, Remote Monitoring and Management tools (RMMs), Log Aggregation and Collections, etc.
Thorough knowledge in at many of the following areas: virtualization, Windows Server, Linux/Unix, LDAP/Active Directory, DNS, networking, firewalls, DMZ, scripting/PowerShell, cloud solutions (Azure, AWS, etc), Microsoft 365, information security, SaaS integrations, MDM, SIEM platforms, MFA, RMM
Ability to align tasks with the larger objective of the project engagement process
Previous experience rebuilding applications and custom Windows servers as well as domain controllers and verifying correct operations
Ability to work onsite or during non-business hours, etc.
WORK ENVIRONMENT
While performing the responsibilities of this position, the work environment characteristics listed below are representative of the environment the employee will encounter: Usual office working conditions. Reasonable accommodations may be made to enable people with disabilities to perform the essential functions of this job.
PHYSICAL DEMANDS
No physical exertion required.
Travel within or outside of state and potential for international travel.
Light work: Exerting up to 20 pounds of force occasionally, and/or up to 10 pounds of force as frequently as needed to move objects.
TERMS OF EMPLOYMENT
Expected annual base salary range:
$104,000 - 130,000 per year
Bonus Eligible
Actual base salary within that range will be determined by several components including but not limited to the individual's experience, skills, qualifications and job location.
Candidates are typically placed into the range based on the preceding factors as well as internal peer equity.
Arete Advisors, LLC is an outstanding (and growing) company with a very dedicated, fun team. We offer competitive salaries, fully paid benefits including Medical/Dental, Life/Disability Insurance, 401(k) and the opportunity to work with some of the latest and greatest in the fast-growing cyber security industry.
EQUAL EMPLOYMENT OPPORTUNITY
We’re proud to be an equal opportunity employer- and celebrate our employees’ differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better
Arete Incident Response is an outstanding (and growing) company with a very dedicated, fun team. We offer competitive salaries, fully paid benefits including Medical/Dental, Life/Disability Insurance, 401(k) and the opportunity to work with some of the latest and greatest in the fast-growing cyber security industry.
When you join Arete…
You’ll be doing work that matters alongside other talented people, transforming the way people, businesses, and things connect with each other. Of course, we will offer you great pay and benefits, but we’re about more than that. Arete is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Arete, where experience matters.
Equal Employment Opportunity
We’re proud to be an equal opportunity employer- and celebrate our employees’ differences, regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or Veteran status. Different makes us better.
Website: https://areteir.com/
Headquarter Location: New York, New York, United States
Employee Count: 51-100
Year Founded: 2015
IPO Status: Private
Industries: Computer ⋅ Cyber Security ⋅ Network Security ⋅ Security