Consultant, Restoration and Remediation (Remote)

<div class="content-intro"><h2>About Surefire Cyber</h2> <p>Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event.</p> <p>Surefire Cyber’s approach and delivery are designed by industry veterans who have worked shoulder-to­shoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations in responding to cyber incidents. We are marshaling this experience to address the industry’s persistent challenges of efficiency, predictability, and transparency</p></div><h2><span data-contrast="none"><span data-ccp-parastyle="heading 1">Job Title: </span><span data-ccp-parastyle="heading 1">Consultant, Restoration and Remediation</span></span></h2> <p><span data-contrast="none">Location: Remote (USA)</span><span data-ccp-props="{">&nbsp;</span></p> <p><span data-contrast="none">Role: Full time</span><span data-ccp-props="{"> / Exempt</span></p> <p><span data-ccp-props="{">Compensation: $60k-$90k&nbsp;</span></p> <p>&nbsp;</p> <h4>What Makes You Stand Out</h4> <p>You are a systems-savvy problem solver who thrives in fast-paced environments and brings hands-on experience restoring compromised systems and implementing remediation strategies. You’ve worked in roles like IT Engineer, System Administrator, or Cybersecurity Consultant, and now want to apply those skills in a high-stakes, incident response setting.</p> <p>You’re comfortable collaborating with Digital Forensics and Incident Response (DFIR) teams, diagnosing problems quickly, and supporting clients with empathy and clear communication during urgent cyber events.</p> <h4><span data-contrast="none"><span data-ccp-parastyle="heading 2">How You'll Make an Impact</span></span><span data-ccp-props="{">&nbsp;</span></h4> <p>As a Consultant on the Restoration and Remediation (R&amp;R) team, you’ll contribute technical expertise during active incidents — helping clients recover from ransomware, malware infections, and breaches. You’ll execute remediation tasks, restore systems, and collaborate with forensic analysts to support response efforts. <span data-contrast="none"><span data-ccp-parastyle="Body Text">Through meticulous remediation efforts and application of technical expertise, they’ll help clients regain operational stability and strengthen their defenses against future threats</span></span></p> <h4>Your Role in Action&nbsp;</h4> <ul> <li>Support post-incident recovery efforts, collaborating with DFIR teams to assess the scope and impact of cyber incidents</li> <li>Participate in restoring compromised systems to a pre-incident state, including data recovery, system configuration, and hardening</li> <li>Assist in developing and executing tailored remediation plans based on technical, operational, and regulatory requirements</li> <li>Reimage, rebuild, and reconfigure endpoints, servers, and affected services such as Active Directory, Exchange, Group Policy, and VPN</li> <li>Use systems administration skills to restore and configure computing environments</li> <li>Troubleshoot network issues and assist in resolving infrastructure-level connectivity or access problems</li> <li>Contribute to the collection of digital artifacts and forensic evidence, supporting broader incident response</li> <li>Apply foundational knowledge to investigate and address malware infections, unauthorized access, and system integrity issues</li> <li>Implement endpoint protection and access control tools under supervision from senior R&amp;R team members</li> <li>Document all actions taken in a clear, structured format, capturing technical findings, decisions made, and lessons learned</li> <li>Participate in after-hours (on-call/weekend rotational) support when needed to ensure 24/7 incident response coverage</li> </ul> <h4>Your Expertise</h4> <ul> <li>Bachelor's degree in IT, Cybersecurity, Computer Science, or equivalent experience in technical support or IT administration roles</li> <li>Foundational knowledge of Windows, Linux, and MacOS environments and their security features</li> <li>Experience with firewalls, VPNs, Active Directory, Group Policy, Exchange, and common endpoint security tools</li> <li>Understanding of cyber incident impact, attacker techniques, and indicators of compromise (IOCs)</li> <li>Strong technical troubleshooting skills and a proactive, team-first attitude</li> <li>Excellent written and verbal communication skills, with the ability to explain technical concepts to non-technical stakeholders</li> <li>Ability to manage competing tasks, adapt quickly to changing scenarios, and contribute in high-pressure situations</li> </ul> <p><span data-contrast="none"><span data-ccp-parastyle="Body Text">Expertise</span><span data-ccp-parastyle="Body Text"> in</span><span data-ccp-parastyle="Body Text"> all</span><span data-ccp-parastyle="Body Text"> these</span><span data-ccp-parastyle="Body Text"> areas is not </span><span data-ccp-parastyle="Body Text">required</span><span data-ccp-parastyle="Body Text">, but you should be excited by the opportunity to learn new things and comfortable with </span><span data-ccp-parastyle="Body Text">working with other team members </span><span data-ccp-parastyle="Body Text">to expand your knowledge base</span><span data-ccp-parastyle="Body Text"> and experience</span><span data-ccp-parastyle="Body Text">. We</span><span data-ccp-parastyle="Body Text"> at Surefire Cyber</span><span data-ccp-parastyle="Body Text"> invite you to apply even if you do not feel you</span><span data-ccp-parastyle="Body Text"> have mastery in </span><span data-ccp-parastyle="Body Text">all</span><span data-ccp-parastyle="Body Text"> the requirements listed on the job description</span><span data-ccp-parastyle="Body Text"> and welcome a further discussion</span><span data-ccp-parastyle="Body Text">.&nbsp;</span><span data-ccp-parastyle="Body Text">&nbsp;</span></span><span data-ccp-props="{">&nbsp;</span></p> <h4><span data-contrast="none"><span data-ccp-parastyle="heading 2">Interview Process</span></span><span data-ccp-props="{">&nbsp;</span></h4> <ul> <li data-leveltext="" data-font="Symbol" data-listid="33" data-list-defn-props="{" data-aria-posinset="1" data-aria-level="1"><span data-contrast="none">Submit application on our website&nbsp; &nbsp;</span><span data-ccp-props="{">&nbsp;</span></li> <li data-leveltext="" data-font="Symbol" data-listid="33" data-list-defn-props="{" data-aria-posinset="2" data-aria-level="1"><span data-contrast="none">Preliminary phone interview with the People Team (approx., 30 mins)</span><span data-ccp-props="{">&nbsp;</span></li> <li data-leveltext="" data-font="Symbol" data-listid="33" data-list-defn-props="{" data-aria-posinset="2" data-aria-level="1"><span data-ccp-props="{">Virtual/Teams Interview with Restoration Team Members&nbsp;</span></li> <li data-leveltext="" data-font="Symbol" data-listid="33" data-list-defn-props="{" data-aria-posinset="3" data-aria-level="1"><span data-contrast="none">Virtual/Teams interview with hiring leader/Director of R&amp;R (approx., 45 minutes)</span><span data-ccp-props="{">&nbsp;</span></li> <li data-leveltext="" data-font="Symbol" data-listid="33" data-list-defn-props="{" data-aria-posinset="3" data-aria-level="1"><span data-ccp-props="{">Take Home Mock Scenario (approx., 45 minutes)</span></li> <li data-leveltext="" data-font="Symbol" data-listid="33" data-list-defn-props="{" data-aria-posinset="4" data-aria-level="1"><span data-ccp-props="{"><span data-contrast="none">Virtual/Teams interview with the Chief Deliver Officer</span></span></li> <li data-leveltext="" data-font="Symbol" data-listid="33" data-list-defn-props="{" data-aria-posinset="4" data-aria-level="1"><span data-ccp-props="{"><span data-contrast="none">Virtual/Team interview with our CEO</span></span>&nbsp;</li> </ul> <p>#LIRemote</p><div class="content-conclusion"><div class="elementor-element elementor-element-29d312d elementor-widget elementor-widget-heading" data-id="29d312d" data-element_type="widget" data-widget_type="heading.default"> <div class="elementor-widget-container"> <h2 class="elementor-heading-title elementor-size-default">Benefits for Full-Time Surefire Cyber Team Members</h2> </div> </div> <div class="elementor-element elementor-element-e219dee elementor-widget elementor-widget-text-editor" data-id="e219dee" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <ul> <li>Competitive compensation plan and total rewards package for team members</li> <li>Remote workforce</li> <li>Generous paid time off plan and floating holidays</li> <li>Paid parental leave</li> <li>Employer paid premiums for both team members and their dependents for medical, dental, and vision</li> <li>Comprehensive health, vision, dental, 401K matching program, disability, Flexible Spending Accounts (FSA), Health Savings Account (HSA), Life and AD&amp;D benefits.</li> <li>Professional development and career advancement opportunities</li> <li>We prioritize employee growth and development through a robust performance management platform to provide ongoing coaching, clear feedback, recognition, and opportunities for career growth.</li> </ul> <p><em>Note: Internship roles are not eligible for Surefire’s full-time benefits package. Internship-specific details will be shared during the interview process.</em></p> </div> </div> <div class="elementor-element elementor-element-e7a0505 e-flex e-con-boxed e-con e-child" data-id="e7a0505" data-element_type="container" data-settings="{&quot;background_background&quot;:&quot;classic&quot;}"> <div class="e-con-inner"> <div class="elementor-element elementor-element-73252ae elementor-widget elementor-widget-text-editor" data-id="73252ae" data-element_type="widget" data-widget_type="text-editor.default"> <div class="elementor-widget-container"> <p>Surefire Cyber is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex, or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances.</p> </div> </div> </div> </div></div>