Dell Incident Response Consultant - Identity & Active Directory US 

United States, Georgia, Savannah 

831373636

About Secureworks

Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

Role Responsibilities:

• Understand customers' exposure to poor identity practices and advise customers on practical steps to improve their security posture.
• Train customers on how to defend their AD, by demonstrating how AD attacks work.
• Work with customers to audit existing security controls and practices around identity management with AD/Entra ID.
• Be a key stakeholder in customer facing runbooks.
• Provide SME input to Taegis detector authors in order to develop detectors for identity-based attacks.
• Share knowledge with wider IR practice regarding identity-based threats in on-prem AD and Entra ID.

• Work with Incident Commanders and other Incident Response Consultants during incident response investigations where identified intrusion activity necessitates AD SME support.
• Guide customers through the journey of regaining control of their AD after it has been compromised by a threat actor.
• Advise customers on immediate AD hardening steps that can be taken to maintain control of AD after an eviction effort.
• Develop architectural recommendations during a cybersecurity incident to improve the resilience of customers' AD.

Requirements:

• Minimum 5 years Microsoft Active Directory experience
• Minimum 1 year Microsoft Entra ID experience
• Willingness to travel up to 10%, including on short notice
• Willingness to directly work with multiple customers on different engagements in parallel
• Excellent written and oral communication skills
• Enjoys explaining complex technical issues to make non-technical audiences understand the "so what?"

Preferences:

• Consulting experience with large external customers, preferably with large multinational organisations
• Project management experience working with multiple teams, to include negotiating timelines and project requirements
• Keen interest in the security aspects of identity
• Familiarity with collecting and enumerating AD data
• Experience as systems administrator in an enterprise environment