Expoint - all jobs in one place

Dell Incident Response Consultant - Identity & Active Directory US 
United States, Georgia, Savannah 
831373636

31.08.2024

About Secureworks

Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

Role Responsibilities:

Proactive Engagements

  • Understand customers' exposure to poor identity practices and advise customers on practical steps to improve their security posture.
  • Train customers on how to defend their AD by demonstrating how AD attacks work.
  • Work with customers to audit existing security controls and practices around identity management with AD/Entra ID.
  • Be a key stakeholder in customer-facing runbooks.
  • Provide SME input to Taegis detector authors in order to develop detectors for identity-based attacks.
  • Share knowledge with wider IR practice regarding identity-based threats in on-prem AD and Entra ID.

Emergency Engagements

  • Work with Incident Commanders and other Incident Response Consultants during incident response investigations where identified intrusion activity necessitates AD SME support.
  • Guide customers through the journey of regaining control of their AD after it has been compromised by a threat actor.
  • Advise customers on immediate AD hardening steps that can be taken to maintain control of AD after an eviction effort.
  • Develop architectural recommendations during a cybersecurity incident to improve the resilience of customers' AD.

Requirements:

  • Minimum 5 years Microsoft Active Directory experience
  • Minimum 1 year Microsoft Entra ID experience
  • Willingness to travel up to 10%, including on short notice
  • Willingness to directly work with multiple customers on different engagements in parallel
  • Excellent written and oral communication skills
  • Enjoys explaining complex technical issues so that non-technical audiences understand the "so what?"


Preferences:

  • Consulting experience with large external customers, preferably with large multinational organisations
  • Project management experience working with multiple teams, to include negotiating timelines and project requirements
  • Keen interest in the security aspects of identity
  • Familiarity with collecting and enumerating AD data
  • Experience as a systems administrator in an enterprise environment