Match score not available

Incident Response Identity Consultant - Active Directory - EMEA (remote)

Remote: 
Full Remote
Contract: 
Experience: 
Senior (5-10 years)
Work from: 

Offer summary

Qualifications:

Minimum 5 years Microsoft Active Directory experience, Minimum 1 year Microsoft Entra ID experience, Willingness to travel up to 10%, Experience in cybersecurity is preferred, Familiarity with AD data collection.

Key responsabilities:

  • Advise customers on identity security practices
  • Train customers on defending against AD attacks
  • Audit existing identity management controls
  • Assist during incident response investigations
  • Develop recommendations for AD resilience
Secureworks logo
Secureworks Computer Hardware & Networking Large https://www.secureworks.com/
1001 - 5000 Employees
See more Secureworks offers

Job description

Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that secures human progress with Secureworks® Taegis™, a SaaS-based, open XDR platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about “what’s next.” We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.

The Incident Response Identity Consultant will be responsible for communicating, planning, and directing customers in preparation and response to major incidents affecting on-prem AD (Active Directory) and Microsoft Entra ID.

Role Responsibilities:

Proactive engagements:

  • Understand customers' exposure to poor identity practices and advise customers on practical steps to improve their security posture.
  • Train customers on how to defend their AD, by demonstrating how AD attacks work.
  • Work with customers to audit existing security controls and practices around identity management with AD/Entra ID.
  • Be a key stakeholder in customer facing runbooks.
  • Provide SME input to Taegis detector authors in order to develop detectors for identity-based attacks.
  • Share knowledge with wider IR practice regarding identity-based threats in on-prem AD and Entra ID.

Emergency engagements:

  • Work with Incident Commanders and other Incident Response Consultants during incident response investigations where identified intrusion activity necessitates AD SME support.
  • Guide customers through the journey of regaining control of their AD after it has been compromised by a threat actor.
  • Advise customers on immediate AD hardening steps that can be taken to maintain control of AD after an eviction effort.
  • Develop architectural recommendations during a cybersecurity incident to improve the resilience of customers' AD.

Requirements:

  • Minimum 5 years Microsoft Active Directory experience
  • Minimum 1 year Microsoft Entra ID experience
  • Willingness to travel up to 10%, including on short notice
  • Willingness to directly work with multiple customers on different engagements in parallel
  • Excellent written and oral communication skills
  • Enjoys explaining complex technical issues to make non-technical audiences understand the "so what?"

Preferences:

  • Consulting experience with large external customers, preferably with large multinational organisations
  • Project management experience working with multiple teams, to include negotiating timelines and project requirements
  • Keen interest in the security aspects of identity
  • Familiarity with collecting and enumerating AD data
  • Experience as systems administrator in an enterprise environment

Secureworks is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics.

#Radancy

Job ID:R253544

Required profile

Experience

Level of experience: Senior (5-10 years)
Industry :
Computer Hardware & Networking
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Verbal Communication Skills
  • Consulting

Consultant Related jobs