Incident Remediation & Recovery Expert

Sygnia is a top tier cyber technology and services company, providing consulting and incident response support for organizations worldwide. Sygnia works with companies to proactively build their cyber resilience and to respond and defeat attacks within their networks. It is the trusted advisor and cyber security service provider of IT and security teams, senior managements, and boards of top organizations worldwide, including Fortune 100 companies.

The company draws on top talent from the ranks of elite military technology units and from across the cyber industry and has some of the world’s top talents in cyber security. Described by Forbes as a “cyber security delta force”, it applies technological supremacy, digital combat experience, data analytics and a business-driven mindset to cyber security, enabling organizations to excel in the age of cyber.

Sygnia is looking for an IT Expert for the role of Incident Remediation & Recovery Expert to join our Enterprise Security team. As an Incident Remediation & Recovery Expert, you will be responsible for eradicating attackers from clients’ environments and implementing critical security controls to build post-breach resilience against some of the most sophisticated threat actors out there.

Main Responsibilities:

• Support Incident Response containment and remediation engagements with global organizations.
• Implementation support for remediation, containment, and recovery plans for compromised environments.
• Lead and support the execution of a coordinated recovery and remediation effort, including ransomware-related wide-scale restoration effort.
• Design and assist clients with rapid architecture enhancements to defend against identified threat actors’ tools, tactics, and procedures.
• Guide and support clients (hands-on) with architecture enhancements and optimization to their security stack.

Main Requirements:

• At least 5+ years of technical, hands-on cyber security and IT engineering experience, preferably in an enterprise environment.
• Understanding of enterprise networking and knowledge of network segmentation strategies
• Technical expertise in at least four of the following areas:

-Active Directory architecture, administration, and security threats.

-Windows and Unix endpoint hardening and security controls enforcement.

-Privileged Identity and Access Management best practices.

-Network engineering (firewalls, routers, VPN, etc.).

-On-premises system infrastructure (virtualization, storage, backups, etc.).

-Cloud security (Microsoft 365, Azure, AWS, etc.).

-PowerShell scripting.

• Consulting experience – an advantage
• Communication skills – including the ability to communicate effectively in a crisis mode at a global environment.
• Willingness to travel

‍