About Secureworks
Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.
Role Responsibilities:
Proactive Engagements
- Understand customers' exposure to poor identity practices and advise customers on practical steps to improve their security posture.
- Train customers on how to defend their AD, by demonstrating how AD attacks work.
- Work with customers to audit existing security controls and practices around identity management with AD/Entra ID.
- Be a key stakeholder in customer facing runbooks.
- Provide SME input to Taegis detector authors in order to develop detectors for identity-based attacks.
- Share knowledge with wider IR practice regarding identity-based threats in on-prem AD and Entra ID.
Emergency engagements:
- Work with Incident Commanders and other Incident Response Consultants during incident response investigations where identified intrusion activity necessitates AD SME support.
- Guide customers through the journey of regaining control of their AD after it has been compromised by a threat actor.
- Advise customers on immediate AD hardening steps that can be taken to maintain control of AD after an eviction effort.
- Develop architectural recommendations during a cybersecurity incident to improve the resilience of customers' AD.
Requirements:
- Minimum 9 years Microsoft Active Directory experience
- Minimum 1 year Microsoft Entra ID experience
- Willingness to travel up to 10%, including on short notice
- Willingness to directly work with multiple customers on different engagements in parallel
- Excellent written and oral communication skills
- Enjoys explaining complex technical issues to make non-technical audiences understand the "so what?"
Preferences:
- Consulting experience with large external customers, preferably with large multinational organisations
- Project management experience working with multiple teams, to include negotiating timelines and project requirements
- Keen interest in the security aspects of identity
- Familiarity with collecting and enumerating AD data
- Experience as systems administrator in an enterprise environment