Incident Response Engagement Manager

Arctic Wolf

Sydney, NSW, Australia · Remote
Posted on Jun 19, 2024

Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry—cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience.

Our mission is simple: End Cyber Risk. We’re looking for a Senior Engineer, Incident Response to be part of making this happen.

About the Role:

At Arctic Wolf we are actively looking for highly experienced and technical Sr. Engineers for our Incident Response Team. Specifically, this team is comprised of IT professionals called upon to go above and beyond to help our clients respond to and recover from cyberattacks. These professionals have a comprehensive understanding of full-lifecycle data breach investigations and are experts at restoring and building systems. The ideal person for this role is someone with a deep IT background who wants to break into the digital forensics field. This person will also lead and coordinate incident response cases during the 2nd shift in addition to performing triage forensics analysis. This position is a key 2nd shift team member and wears many hats.

About You:

As a valued member of Arctic Wolf’s Incident Response team, you will deliver support during and in the immediate aftermath of a cyberattack. Throughout the incident response process, you will work side-by-side with the rest of the incident response team to collect digital artifacts, restore systems, reconfigure domain controllers and firewalls, troubleshoot network issues, perform triage forensics investigations, coordinate with clients, and provide any other IT-related tasks necessary to restore the client’s business operations. Candidates for this role exhibit calmness under pressure, have excellent communication skills and have a strong desire to resolve client challenges in times of high stress.

Responsibilities:

General

  • Perform as a senior member of the Incident Response and Restoration & Remediation teams and as a part of the greater Arctic Wolf Incident Response team.

  • Deep understanding of full life-cycle data breach investigations from end-to-end (triage, collections, securing the environment, restoring/rebuilding of systems and ensuring client functionality)

  • Technical expertise and ability to troubleshoot, diagnose and repair systems and networks.

  • Demonstrated abilities and professional experience with host-based and network-based security issues

Client Management

  • Actively participate in large scope high impact cyber breaches and manage Incident Response workflow and activities to support prompt response and remediation.

  • Self-starter committed to meeting tight deadlines with a strong work ethic.

  • Demonstrates professionalism, has a positive attitude, and is an extension of Arctic Wolf’s brand in the marketplace.

  • Excellent verbal and written communication skills with an emphasis on customer service

Qualifications:

Required

  • Advanced progression and professional experience involving work directly related to restoration, recovery, configuration, and troubleshooting of networks and general IT capabilities

  • End-to-end understanding of engagements and steps within the IR workflow: initial triage, collections, imaging, securing, and hardening of the environment and overall security posture, restoring/rebuilding systems and getting the client functional

  • Ability to respond to inquiries and work beyond normal business hours, provide mentorship to junior level team members and can be relied upon as a trusted resource

  • Skilled with promoting new domain controllers, seizing Flexible Single Master Operations (FSMO) roles, DNS troubleshooting, rebuilding System Volumes (SYSVOL), and rebuilding Distributed File System Replication (DFSR) or File Replication Service (FRS).

  • Proficient with Active Directory/Exchange administration

  • Expertise with rebuilding and recovering Exchange Systems from Server 2010 onwards

  • Familiarity with /recover server switch on setup, rebuilding virtual directories, repairing databases, and using recovery databases

  • Adept with supporting Microsoft Windows workstations and applications

  • Expert with firewalls, VPNs, Active Directory, Group Policy, Linux, and Windows systems

  • Professional work history and experience with hypervisors, including ESXi/VMware and Hyper-V

  • Provide well-thought-out findings and provide professional guidance, both in technical and non-technical terms, to help customers re-establish business operations

  • Excellent relationship management, customer service, and communication skills in multiple forms (written, conference calls, in-person/virtual meetings)

  • Prior consulting experience within digital forensics or incident response

Preferred

  • Experience navigating networking issues related to firewalls and routers

  • Understanding of various backup solutions (Veeam, Datto, Barracuda, etc.)

  • Passionate about technology and customers and stays current on industry trends

  • Digital Forensics Experience

About Arctic Wolf

At Arctic Wolf we’re cultivating a collaborative and productive work environment that welcomes a diversity of backgrounds, cultures, and ideas to make our teams even stronger as we grow globally. We’ve been named one of the 50 Most Innovative Companies in the world for 2022 (Fast Company)—and the 2nd Most Innovative Security Company. This is in addition to consecutive awards from Top Workplace USA (2021, 2022), Best Places to Work - USA (2021, 2022) and Great Place to Work - Canada (2021, 2022).

Our Values

Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that—by protecting people’s and organizations’ sensitive data and seeking to end cyber risk—we get to work in an industry that is fundamental to the greater good.

We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here.

We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities.

All wolves receive compelling compensation and benefits packages, including:

  • Equity for all employees

  • Bonus or commission pay based on role

  • Flexible time off, paid volunteer days and paid parental leave

  • 401k/RRSP match

  • Medical, Dental, and Vision insurance

  • Health Savings and Flexible Spending Agreement

  • Voluntary Legal Insurance

  • Training and career development programs

Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing recruiting@arcticwolf.com.

Security Requirements

  • Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies).

  • Background checks are required for this position.