Surefire Cyber

Remote Jobs

Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event. Surefire Cyber’s approach and delivery are designed by industry veterans who have worked shoulder-to-shoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations in responding to cyber incidents.

7 open roles | Team 11-50 | Latest: Apr 10, 2026, 10:00 PM UTC
Computer and Network Security

7 Jobs

Principal Consultant, Digital Forensic and Incident Response (DFIR) (Remote)

Surefire Cyber

Consultant | 63 days ago

About Surefire Cyber

Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event. Surefire Cyber’s approach and delivery are designed by industry veterans who have worked shoulder-to-shoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations in responding to cyber incidents. We are marshaling this experience to address the industry’s persistent challenges of efficiency, predictability, and transparency.

Job Title: Principal Consultant, Digital Forensics & Incident Response
Location: Remote (USA)
Role: Full time / Exempt
Compensation: $100K-$160K annually, 20% Bonus

What Makes You Stand Out

You are a seasoned cybersecurity professional specializing in Digital Forensics and Incident Response (DFIR), with extensive experience, including client-facing roles, sophisticated forensic analysis, and a proven track record of independently managing investigations of varying sizes and complexities. Committed to continuous learning, you actively seek opportunities to expand your knowledge base, contributing to the team's collective expertise. In addition to technical proficiency, you excel at forensically guiding engagements and managing competing priorities effectively. Demonstrated through a consistent delivery of high-quality results, your passion lies in mentoring colleagues and navigating the dynamic landscape of security incidents, showcasing a deep understanding of the evolving threat landscape.

How You'll Make An Impact

As a Principal Consultant, you will represent Surefire Cyber as a skilled technical forensic and consulting expert for clients across diverse industries during active incident response engagements. Leveraging your extensive experience and technical skills, you will play a pivotal role in detecting and analyzing intrusions, offering clear guidance to clients navigating high-pressure response situations, and providing after-hours support as needed.

Your Role In Action

- Demonstrate genuine curiosity, a commitment to continuous learning, and contribute valuable insights to support the team's knowledge growth.
- Forensically lead incident response engagements, working with other team members to guide clients through the entire incident response lifecycle from detection to recovery.
- Conduct advanced forensic analysis to identify the scope and impact of security incidents meticulously and precisely, including malware analysis and reverse engineering when necessary.
- Independently manage investigations ranging in size and complexity, such as Business Email Compromises and Ransomware engagements.
- Provide career development for a Forensic team consisting of 3-4 Consultants/Senior Consultants by investing in their professional development, conducting regular one-on-one conversations, and providing guidance and recommendations on training opportunities.
- Identify, articulate, and explain attack vectors, threat tactics, and attacker techniques to guide mitigation and prevention efforts.
- Convey complex forensic findings to technical and non-technical stakeholders clearly and understandably.
- Provide comprehensive supporting evidence for written reports detailing incident findings and analysis.
- Review, provide well-thought-out input, and provide guidance to other team members on forensic reports.
- Collaborate with internal teams, external partners, and clients to refine and document incident response processes and best practices.
- Spearhead research and development activities to stay up to date with the latest forensic tools, techniques, and methodologies.
- Contribute to the development of internal processes and support broader organizational initiatives.
- Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.

Your Expertise

- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, related degree, industry certifications, or former professional experience as a Senior or Principal Forensic Consultant, Senior or Principal Cybersecurity Consultant, or as a Senior or Principal Incident Responder.
- Hold industry certifications or showcase equivalent professional experience as a Principal Consultant, highlighting a profound mastery of Digital Forensics and Incident Response.
- Previous experience in leading the forensic workstreams and teams ranging from 3-4 in size on complex investigations.
- Demonstrate advanced proficiency in utilizing common digital forensic artifacts and tools such as ELK, Axiom, Encase, FTK (Forensic Toolkit), Open-Source, or comparable industry-standard tools.
- Showcase professional experience in the effective use of network analysis and intrusion detection tools, exemplifying a deep understanding of their application in cybersecurity.
- Possess in-depth knowledge of cybersecurity principles and best practices, underlining a comprehensive understanding of the intricacies of the cybersecurity landscape.
- Exhibit excellent problem-solving skills and meticulous attention to detail, displaying an ability to navigate complex challenges with precision and thoroughness.
- Demonstrate the ability to work effectively under pressure, manage multiple competing priorities, and consistently meet tight deadlines, reflecting resilience and efficiency in high-stakes scenarios.
- Display exceptional communication skills, both written and verbal, ensuring the ability to convey complex technical information clearly and comprehensively.
- Express eagerness to mentor, share knowledge, and actively contribute to the expansion of the team's expertise, fostering a collaborative and growth-oriented environment.
- Exhibit the capability to provide after-hours (on-call/weekend rotational) support as required, demonstrating a commitment to addressing critical incidents promptly and maintaining continuous coverage.

Interview Process

- Submit interest and application on our website
- Preliminary phone interview with the Talent & People Team (approx. 30 minutes)
- Virtual/Teams technical interview with Engagement Leads (approx. 60 minutes)
- Virtual/Teams interview with Chief Delivery Officer and an Engagement Lead (approx. 45 minutes)
- Virtual/Teams interview with CEO (Chief Executive Officer) (approx. 30 minutes)

Please note that we reserve the right to modify the process at any time.

Benefits for Full-Time Surefire Cyber Team Members

- Competitive compensation plan and total rewards package for team members
- Remote workforce
- Generous paid time off plan and floating holidays
- Paid parental leave
- Employer paid premiums for both team members and their dependents for medical, dental, and vision
- Comprehensive health, vision, dental, 401K matching program, disability, Flexible Spending Accounts (FSA), Health Savings Account (HSA), Life and AD&D benefits.
- Professional development and career advancement opportunities
- We prioritize employee growth and development through a robust performance management platform to provide ongoing coaching, clear feedback, recognition, and opportunities for career growth.

Note: Internship roles are not eligible for Surefire’s full-time benefits package. Internship-specific details will be shared during the interview process.

Surefire Cyber is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex, or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances.

United States
$100K - $160K / year

Principal Consultant, Restoration and Remediation

Surefire Cyber

Consultant | 63 days ago

About Surefire Cyber

Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event. Surefire Cyber’s approach and delivery are designed by industry veterans who have worked shoulder-to-shoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations in responding to cyber incidents. We are marshaling this experience to address the industry’s persistent challenges of efficiency, predictability, and transparency.

Job Title: Principal, Restoration and Remediation
Location: Remote (USA)
Role: Full time
Compensation:

What Makes You Stand Out

You are a senior technical leader in cybersecurity and incident response, known for restoring order and confidence during high-severity events. You’ve led the full lifecycle of post-incident recovery efforts, from strategic planning and stakeholder advising to hands-on systems restoration and network reconfiguration. You bring not only deep technical skills across enterprise IT infrastructure but also the confidence and clarity to lead clients, coach teammates, and evolve internal capabilities. You thrive in high-pressure environments, take initiative, and are passionate about growing the next generation of cyber responders.

How You’ll Make An Impact

As a Principal Consultant on the Restoration and Remediation team, you’ll lead Surefire Cyber’s most complex and sensitive post-incident recovery engagements. You’ll advise clients on restoration strategy, coordinate with cross-functional teams, and oversee technical execution across diverse environments. You’ll also play a key role in maturing Surefire Cyber’s internal R&R capabilities: mentoring consultants, improving playbooks and tooling, and shaping how we scale recovery operations.

Your Role In Action

- Lead end-to-end recovery operations for complex cyber incidents, including ransomware outbreaks, large-scale breaches, and targeted compromises
- Architect and manage technical remediation plans across hybrid infrastructure (on-prem, cloud, and SaaS), including user recovery, server rebuilds, reconfiguration, and hardening
- Oversee restoration of identity services (Active Directory, Azure AD), messaging systems (Exchange, M365), VPNs, firewalls, MFA, and enterprise backup solutions
- Advise client executives (CIOs, CISOs, legal, insurers) on remediation strategy, recovery timelines, and long-term resilience improvements
- Coordinate recovery workstreams across DFIR, IT, legal, and insurance stakeholders, ensuring alignment and technical integrity
- Act as technical escalation point during recovery engagements, solving roadblocks with precision and speed
- Mentor senior and junior consultants on real-time client work and long-term development, including technical coaching, feedback, and project guidance
- Document and review client-facing technical reports, timelines, and lessons learned to ensure completeness and clarity
- Contribute to the evolution of Surefire Cyber’s recovery methodologies, including internal tooling, knowledge bases, and training paths
- Lead or support proactive services including tabletop exercises, remediation readiness assessments, and executive advisory engagements
- Participate in after-hours response rotations during major incident events (on-call availability expected)

Your Expertise

- 10+ years of professional experience in cybersecurity, incident response, systems/network administration, or IT infrastructure engineering
- Proven leadership in guiding enterprise-scale recovery efforts during cyber incidents, ideally in a client-facing or consulting capacity
- Deep hands-on experience with Active Directory, Azure AD, M365, Exchange, Group Policy, virtualization platforms (VMware, Hyper-V, Citrix), and backup tools (e.g., Veeam, Zerto, Unitrends)
- Expert understanding of infrastructure reconfiguration, network segmentation, identity access recovery, and endpoint security post-compromise
- Ability to architect and execute remediation plans in coordination with DFIR, SOC, and cloud teams
- Comfortable advising senior business and legal stakeholders during high-pressure engagements
- Strong written and verbal communication skills, including experience preparing and presenting executive-level remediation updates
- Demonstrated experience mentoring and growing technical talent within a team
- Familiarity with attacker TTPs, threat actor behaviors, and their implications for recovery sequencing and infrastructure redesign
- Demonstrated expertise in cybersecurity, systems engineering, or incident response, whether gained through professional experience, certifications, or equivalent technical training.
- Advanced certifications (e.g., CISSP, GCFA, MCSE, OSCP) are strongly preferred.

Expertise in all these areas is not required, but you should be excited by the opportunity to learn new things and comfortable with working with other team members to expand your knowledge base and experience. We at Surefire Cyber invite you to apply even if you do not feel you have mastery in all the requirements listed on the job description and welcome a further discussion.

Interview Process

- Submit interest and application on our website
- Preliminary phone interview with the Talent & People Team (approx. 30 minutes)
- Virtual technical interview with the Restoration Team (approx. 45 minutes)
- Virtual interview with our Director of Restoration (approx. 45 minutes)
- Take Home Assessment
- Virtual interview with Chief Delivery Officer (approx. 30 minutes)
- Virtual interview with CEO (Chief Executive Officer) (approx. 30 minutes)

Benefits for Full-Time Surefire Cyber Team Members

- Competitive compensation plan and total rewards package for team members
- Remote workforce
- Generous paid time off plan and floating holidays
- Paid parental leave
- Employer paid premiums for both team members and their dependents for medical, dental, and vision
- Comprehensive health, vision, dental, 401K matching program, disability, Flexible Spending Accounts (FSA), Health Savings Account (HSA), Life and AD&D benefits.
- Professional development and career advancement opportunities
- We prioritize employee growth and development through a robust performance management platform to provide ongoing coaching, clear feedback, recognition, and opportunities for career growth.

Note: Internship roles are not eligible for Surefire’s full-time benefits package. Internship-specific details will be shared during the interview process.

Surefire Cyber is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex, or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances.

United States

Consultant, Restoration and Remediation (Remote)

Surefire Cyber

Consultant | 64 days ago

About Surefire Cyber

Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event. Surefire Cyber’s approach and delivery are designed by industry veterans who have worked shoulder-to-shoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations in responding to cyber incidents. We are marshaling this experience to address the industry’s persistent challenges of efficiency, predictability, and transparency.

Job Title: Consultant, Restoration and Remediation
Location: Remote (USA)
Role: Full time / Exempt
Compensation: $60k-$90k

What Makes You Stand Out

You are a systems-savvy problem solver who thrives in fast-paced environments and brings hands-on experience restoring compromised systems and implementing remediation strategies. You’ve worked in roles like IT Engineer, System Administrator, or Cybersecurity Consultant, and now want to apply those skills in a high-stakes incident response setting. You’re comfortable collaborating with Digital Forensics and Incident Response (DFIR) teams, diagnosing problems quickly, and supporting clients with empathy and clear communication during urgent cyber events.

How You'll Make an Impact

As a Consultant on the Restoration and Remediation (R&R) team, you’ll contribute technical expertise during active incidents, helping clients recover from ransomware, malware infections, and breaches. You’ll execute remediation tasks, restore systems, and collaborate with forensic analysts to support response efforts. Through meticulous remediation efforts and application of technical expertise, you’ll help clients regain operational stability and strengthen their defenses against future threats.

Your Role in Action

- Support post-incident recovery efforts, collaborating with DFIR teams to assess the scope and impact of cyber incidents
- Participate in restoring compromised systems to a pre-incident state, including data recovery, system configuration, and hardening
- Assist in developing and executing tailored remediation plans based on technical, operational, and regulatory requirements
- Reimage, rebuild, and reconfigure endpoints, servers, and affected services such as Active Directory, Exchange, Group Policy, and VPN
- Use systems administration skills to restore and configure computing environments
- Troubleshoot network issues and assist in resolving infrastructure-level connectivity or access problems
- Contribute to the collection of digital artifacts and forensic evidence, supporting broader incident response
- Apply foundational knowledge to investigate and address malware infections, unauthorized access, and system integrity issues
- Implement endpoint protection and access control tools under supervision from senior R&R team members
- Document all actions taken in a clear, structured format, capturing technical findings, decisions made, and lessons learned
- Participate in after-hours (on-call/weekend rotational) support when needed to ensure 24/7 incident response coverage

Your Expertise

- Bachelor's degree in IT, Cybersecurity, Computer Science, or equivalent experience in technical support or IT administration roles
- Foundational knowledge of Windows, Linux, and macOS environments and their security features
- Experience with firewalls, VPNs, Active Directory, Group Policy, Exchange, and common endpoint security tools
- Understanding of cyber incident impact, attacker techniques, and indicators of compromise (IOCs)
- Strong technical troubleshooting skills and a proactive, team-first attitude
- Excellent written and verbal communication skills, with the ability to explain technical concepts to non-technical stakeholders
- Ability to manage competing tasks, adapt quickly to changing scenarios, and contribute in high-pressure situations

Expertise in all these areas is not required, but you should be excited by the opportunity to learn new things and comfortable with working with other team members to expand your knowledge base and experience. We at Surefire Cyber invite you to apply even if you do not feel you have mastery in all the requirements listed on the job description and welcome a further discussion.

Interview Process

- Submit application on our website
- Preliminary phone interview with the People Team (approx. 30 mins)
- Virtual/Teams interview with Restoration Team Members
- Virtual/Teams interview with hiring leader/Director of R&R (approx. 45 minutes)
- Take Home Mock Scenario (approx. 45 minutes)
- Virtual/Teams interview with the Chief Delivery Officer
- Virtual/Teams interview with our CEO

Benefits for Full-Time Surefire Cyber Team Members

- Competitive compensation plan and total rewards package for team members
- Remote workforce
- Generous paid time off plan and floating holidays
- Paid parental leave
- Employer paid premiums for both team members and their dependents for medical, dental, and vision
- Comprehensive health, vision, dental, 401K matching program, disability, Flexible Spending Accounts (FSA), Health Savings Account (HSA), Life and AD&D benefits.
- Professional development and career advancement opportunities
- We prioritize employee growth and development through a robust performance management platform to provide ongoing coaching, clear feedback, recognition, and opportunities for career growth.

Note: Internship roles are not eligible for Surefire’s full-time benefits package. Internship-specific details will be shared during the interview process.

Surefire Cyber is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex, or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances.

United States
$60K - $90K / year

Principal Engagement Lead (Remote)

Surefire Cyber

Manager | 64 days ago

About Surefire Cyber

Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event. Surefire Cyber’s approach and delivery are designed by industry veterans who have worked shoulder-to-shoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations in responding to cyber incidents. We are marshaling this experience to address the industry’s persistent challenges of efficiency, predictability, and transparency.

Job Title: Principal Engagement Lead-Digital Forensic and Incident Response (DFIR)
Location: Remote, USA
Role: Full time / Exempt
Compensation: $130k-$165K

What Makes You Stand Out

You are a seasoned cybersecurity professional with a strong background in digital forensics and incident response (DFIR) and incident management. You thrive in a dynamic and client-focused consulting environment, where you can tackle complex cybersecurity challenges. You are skilled at mitigating risks and making well-informed decisions, even in high-pressure scenarios. You have a demonstrated ability to manage multiple cybersecurity incidents effectively. Your experience includes coordinating incident response efforts and working with cross-functional teams and external stakeholders, including insurance carriers and legal counsel. You strive to consistently deliver quality-based client results and ensure a timely resolution while minimizing downtime.

How You'll Make An Impact

As a Principal Engagement Lead, you will be responsible for leading multiple active cybersecurity engagements, interacting with clients, cyber insurers, and legal counsel. Your expertise will guide scoping calls, and you will collaborate closely with other Engagement Leads and Forensic Consultants on our team to ensure high quality service and resolution on active client matters.

Your Role In Action

- Lead and oversee active client-facing incident response engagements, working closely with other team members to guide clients through the entire incident response lifecycle from detection to recovery.
- Conduct scoping calls with clients to define the incident scope, objectives, and expectations of each engagement.
- Work closely with other Engagement Leads and Forensic Consultants to ensure effective coordination of resources and expertise on client matters.
- Build and cultivate strong client relationships based on trust, open communication, and collaborative problem-solving.
- Provide well-informed solutions that go beyond immediate client challenges to achieve long-term security goals.
- Communicate advanced cybersecurity concepts both internally and externally and produce clear and concise verbal and written reports detailing incident findings and analysis.
- Actively share knowledge with team members, cultivating a culture of continuous learning, and stay up to date on industry trends, emerging threats, and best practices.
- Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.

Your Expertise

- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, related degree, or relevant professional work experience in these disciplines.
- Former professional experience in leading and managing active cybersecurity engagements, including incident response, digital forensics investigations, and interaction with clients, legal counsel, and cyber insurers.
- Experience in conducting security investigations in Linux and Windows environments.
- Understanding of cloud platforms and security considerations within AWS, Azure, and GCP.
- Knowledge of digital forensic artifacts and tools such as ELK, Axiom, Encase, FTK, Volatility, or Open-Source tools.
- Proficiency in conducting forensic analysis, threat assessments, and post incident reviews.
- Eagerness to learn from the team, grow your knowledge, and teach your colleagues.
- Ability to provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.

Expertise in all these areas is not required, but you should be excited by the opportunity to learn new things and comfortable with working with other team members to expand your knowledge base and experience. We at Surefire Cyber invite you to apply even if you do not feel you have mastery in all the requirements listed on the job description and welcome a further discussion.

Interview Process

- Submit interest and application on our website
- Preliminary phone interview with the Talent & People Team (approx. 30 minutes)
- Virtual/Teams interview with Engagement Leads (approx. 60 minutes)
- Virtual/Teams interview with DFIR Consultants (approx. 60 minutes)
- Virtual/Teams interview with Chief Delivery Officer (approx. 45 minutes)
- Mock Scenario Interview (approx. 60 minutes)
- Virtual/Teams interview with CEO (Chief Executive Officer) (approx. 30 minutes)

Please note that we reserve the right to modify the process at any time.

Benefits for Full-Time Surefire Cyber Team Members

- Competitive compensation plan and total rewards package for team members
- Remote workforce
- Generous paid time off plan and floating holidays
- Paid parental leave
- Employer paid premiums for both team members and their dependents for medical, dental, and vision
- Comprehensive health, vision, dental, 401K matching program, disability, Flexible Spending Accounts (FSA), Health Savings Account (HSA), Life and AD&D benefits.
- Professional development and career advancement opportunities
- We prioritize employee growth and development through a robust performance management platform to provide ongoing coaching, clear feedback, recognition, and opportunities for career growth.

Note: Internship roles are not eligible for Surefire’s full-time benefits package. Internship-specific details will be shared during the interview process.

Surefire Cyber is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex, or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances.

United States
$130K - $165K / year

Senior Consultant, Digital Forensic and Incident Response (DFIR) (Remote)

Surefire Cyber

Consultant - 66 days ago

About Surefire Cyber

Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event. Surefire Cyber’s approach and delivery are designed by industry veterans who have worked shoulder-to-shoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations in responding to cyber incidents. We are marshaling this experience to address the industry’s persistent challenges of efficiency, predictability, and transparency.

Job Title: Senior Consultant, Digital Forensics and Incident Response (DFIR)
Location: Remote, USA / Exempt
Compensation: $90K-$120K, 20% Bonus

What Makes You Stand Out

You are an experienced cybersecurity professional with advanced knowledge in the specialty of Digital Forensics and Incident Response (DFIR). You have former client-facing, forensic analysis, and investigation experience. Your passion lies in identifying, analyzing, and mitigating security incidents, demonstrating a solid grasp of the ever-evolving threat landscape. You have a proven track record of conducting forensic analysis and have worked independently on small to medium investigations. You approach investigations with analytical proficiency and an experienced perspective, while consistently yielding high-quality results.

How You'll Make An Impact

Surefire Cyber is actively seeking a Senior Consultant for our dynamic Digital Forensics and Incident Response team. This is a full-time remote position on our team that embraces a collaborative environment, a competitive salary, equity in the company, excellent benefits, and fosters continuous professional development.
In this role, you will represent Surefire Cyber as a skilled technical and consulting resource for clients across diverse industries during active incident response engagements. You will leverage your experience and technical skills to detect and analyze intrusions and offer guidance to clients to navigate through high-pressure response situations with clear communication and after-hours support as needed.

Your Role In Action
- Demonstrate a commitment to learning and contribute valuable insights, actively seeking guidance when necessary.
- Contribute to client-facing incident response engagements, working with other team members to guide clients through the entire incident response lifecycle from detection to recovery.
- Conduct advanced forensic analysis to precisely identify the scope and impact of security incidents, including malware analysis and reverse engineering when necessary.
- Lead the forensic investigations on small to medium investigations such as Business Email Compromises and Ransomware engagements, leveraging the expertise of Engagement Leads and Principal Consultants on advanced and more complex investigations.
- Provide mentorship and assist less experienced team members by sharing your knowledge and expertise to help others grow in their roles.
- Identify, articulate, and explain attack vectors, threat tactics, and attacker techniques to guide mitigation and prevention efforts.
- Convey complex forensic findings to technical and non-technical stakeholders clearly and understandably.
- Provide comprehensive supporting evidence for written reports detailing incident findings and analysis.
- Collaborate with internal teams, external partners, and clients to refine and document incident response processes and best practices.
- Engage in research and development activities to stay up to date with the latest forensic tools, techniques, and methodologies.
- Contribute to the development of internal processes and support broader organizational initiatives.
- Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.

Your Expertise
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, related degree, industry certifications, or former professional experience as a Senior Forensic Consultant, Senior Cybersecurity Consultant, or as a Senior Incident Responder.
- Proficiency in common digital forensic artifacts and tools such as ELK, Axiom, Encase, FTK (Forensic Toolkit), Open-Source, or other comparable tools.
- Professional experience with network analysis and intrusion detection tools.
- In-depth knowledge of cybersecurity principles and best practices.
- Excellent problem-solving skills and attention to detail.
- Ability to work effectively under pressure, manage multiple competing priorities, and meet tight deadlines.
- Exceptional communication skills, both written and verbal.
- Eagerness to mentor, share, and expand knowledge base.
- Ability to provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.

Expertise in all these areas is not required, but you should be excited by the opportunity to learn new things and comfortable with working with other team members to expand your knowledge base and experience. We at Surefire Cyber invite you to apply even if you do not feel you have mastery in all the requirements listed on the job description and welcome a further discussion.

Interview Process
- Submit Application on our website
- Preliminary phone interview with the People Team (approx. 30 minutes)
- Technical Virtual interview with Forensic Team (approx. 60 minutes)
- Virtual interview with Chief Delivery Officer and an Engagement Lead (approx. 45 minutes)
- Virtual interview with CEO (approx. 30 minutes)

#LI-Remote

Benefits for Full-Time Surefire Cyber Team Members
- Competitive compensation plan and total rewards package for team members
- Remote workforce
- Generous paid time off plan and floating holidays
- Paid parental leave
- Employer paid premiums for both team members and their dependents for medical, dental, and vision
- Comprehensive health, vision, dental, 401K matching program, disability, Flexible Spending Accounts (FSA), Health Savings Account (HSA), Life and AD&D benefits.
- Professional development and career advancement opportunities
- We prioritize employee growth and development through a robust performance management platform to provide ongoing coaching, clear feedback, recognition, and opportunities for career growth.

Note: Internship roles are not eligible for Surefire’s full-time benefits package. Internship-specific details will be shared during the interview process.

Surefire Cyber is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex, or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances.

United States
$90K - $120K / year

Senior Consultant, Restoration and Remediation (Remote)

Surefire Cyber

Consultant - 66 days ago

About Surefire Cyber

Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event. Surefire Cyber’s approach and delivery are designed by industry veterans who have worked shoulder-to-shoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations in responding to cyber incidents. We are marshaling this experience to address the industry’s persistent challenges of efficiency, predictability, and transparency.

Job Title: Senior Consultant, Restoration
Location: Remote (USA)
Role: Full time / Exempt
Compensation: $90K-$110K, 20% Bonus

What Makes You Stand Out

As a Senior Consultant in Restoration, you are a highly technical and motivated professional with extensive experience in assisting clients in recovering from cyber incidents, restoring compromised systems, and implementing effective remediation strategies. You thrive in fast-paced environments, collaborating closely with Digital Forensic and Incident Response (DFIR) teams, legal counsel, insurance carriers, and affected clients to ensure swift restoration services in parallel with forensics and incident response efforts. Your technical abilities and expertise make you a trusted advisor to clients seeking to enhance their overall cybersecurity posture.

How You'll Make an Impact

This is a full-time remote opportunity, and you will perform a variety of restoration and recovery efforts while working closely with the Director of Restoration, Restoration team members, and the Digital Forensic and Incident Response team.
You will play a critical role in post-incident recovery, working alongside the DFIR team to restore systems and secure infrastructures after cyber incidents. Through meticulous remediation efforts and application of technical expertise, you’ll help clients regain operational stability and strengthen their defenses against future threats.

Your Role in Action
- Actively share knowledge with team members, cultivating a culture of continuous learning and staying up to date on industry trends, emerging threats, and best practices.
- Build strong professional relationships and serve as a trusted advisor during client-facing incident response engagements, contributing your advanced knowledge and expertise to post-incident recovery efforts.
- Work closely with the DFIR team to assess and determine the scope and impact of cyber incidents.
- Utilize experience with Active Directory, Group Policy Objects, ADSI, Windows Security, replication, Azure Active Directory Connect, and other relevant technologies to restore compromised systems.
- Script and automate recovery processes using PowerShell and Windows command line tools.
- Leverage experience in hypervisor technologies such as VMware, Hyper-V, Citrix XenServer, and Nutanix Acropolis to restore virtualized environments.
- Work with various server hardware platforms including HP, Dell, Nutanix, and Cisco UCS.
- Utilize experience with storage vendors such as Dell EMC, NetApp, HP/Nimble, and Pure Storage to recover data and systems.
- Implement backup solutions such as Veeam, Backup Exec, Unitrends, and Zerto to ensure data recovery.
- Manage desktop operating systems and deployments, including Windows 7/8/10/11.
- Oversee enterprise messaging systems, including Exchange and M365.
- Handle server-based computing environments, including Citrix and Terminal Services.
- Leverage networking knowledge, including core switches, wireless access points, firewalls, and VPN configurations.
- Implement two-factor and multi-factor authentication services such as Okta, DUO, Microsoft Authentication, Ping, RSA, and others.
- Collaborate with internal teams, external partners, and clients to refine and document all restoration and recovery efforts, maintaining a clear and organized record of actions taken, lessons learned, and best practices.
- Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.

Your Expertise
- Bachelor’s degree in information technology, computer science, related degree, or equivalent former professional experience as an IT Engineer, Systems Administrator, Cybersecurity Consultant, or related position.
- Previous DFIR and restoration experience in a consulting firm.
- Professionally skilled in the deployment and management of IT infrastructure, including Microsoft Exchange, M365, Microsoft Windows Server operating systems, and workstations.
- Expertise in various operating systems (Windows, Linux, macOS) and their security features.
- Familiarity with cloud services.
- Experience in network administration.
- Experience configuring firewalls, VPNs, Active Directory, Exchange, Group Policy.
- Skilled at problem-solving and exhibits a high level of attention to detail.
- Can work effectively under pressure while maintaining professional composure.
- Excellent communication skills, both written and verbal; can explain technical concepts to non-technical audiences.
- Strong interpersonal skills, a team player mentality, and a client-centric mindset.
- Exceptional organizational skills and the ability to manage multiple competing priorities.

Expertise in all these areas is not required, but you should be excited by the opportunity to learn new things and comfortable with working with other team members to expand your knowledge base and experience.
We at Surefire Cyber invite you to apply even if you do not feel you have mastery in all the requirements listed on the job description and welcome a further discussion.

Interview Process
- Submit interest and resume online
- Preliminary phone interview with the People Team (approx. 30 mins)
- Virtual/Teams interview with other R&R Consulting team members (approx. 45 minutes)
- Virtual/Teams interview with the Director of R&R (approx. 45 minutes)
- Virtual/Teams interview with the Chief Delivery Officer
- Virtual/Teams interview with our CEO

#LIRemote

Benefits for Full-Time Surefire Cyber Team Members
- Competitive compensation plan and total rewards package for team members
- Remote workforce
- Generous paid time off plan and floating holidays
- Paid parental leave
- Employer paid premiums for both team members and their dependents for medical, dental, and vision
- Comprehensive health, vision, dental, 401K matching program, disability, Flexible Spending Accounts (FSA), Health Savings Account (HSA), Life and AD&D benefits.
- Professional development and career advancement opportunities
- We prioritize employee growth and development through a robust performance management platform to provide ongoing coaching, clear feedback, recognition, and opportunities for career growth.

Note: Internship roles are not eligible for Surefire’s full-time benefits package. Internship-specific details will be shared during the interview process.

Surefire Cyber is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex, or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances.

United States
$90K - $110K / year

Director, DFIR (Remote)

Surefire Cyber

Director - 67 days ago

About Surefire Cyber

Surefire Cyber is redefining the incident response model by delivering a swifter, stronger response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats. Our client-centric approach reduces stress and provides clients the confidence needed to prepare, respond, and recover from cyber incidents – and fortify their cyber resilience after an event. Surefire Cyber’s approach and delivery are designed by industry veterans who have worked shoulder-to-shoulder with law firms, insurance carriers, brokers, law enforcement, and impacted organizations in responding to cyber incidents. We are marshaling this experience to address the industry’s persistent challenges of efficiency, predictability, and transparency.

Job Title: Director - Digital Forensics and Incident Response
Location: Remote, USA
Role: Full time / Exempt
Compensation: $185K-$200K

What Makes You Stand Out

You are an accomplished cybersecurity professional well-versed in digital forensics and incident response (DFIR), and incident management. Your expertise displays your ability to manage challenging and dynamic consulting environments, where you excel in addressing advanced cybersecurity issues. Thriving under pressure, you consistently exhibit professionalism and are adept at performing risk mitigation and making well-informed decisions. You have hands-on experience in simultaneously managing multiple cybersecurity incidents effectively. Your experience includes coordinating incident response efforts and collaborating with cross-functional teams, as well as external stakeholders including insurance carriers and legal counsel. Demonstrating a commitment to the career development of team members, you have successfully led teams ranging from 3-5 members. You are committed to fostering a collaborative environment, delivering quality-based client results, and ensuring a timely resolution while minimizing downtime.

How You'll Make An Impact

Reporting directly to the Chief Delivery Officer, as a Director, Digital Forensics and Incident Response, you will have career development and people management responsibility for a team of 3-5 Forensic professionals. You will lead and oversee complex client-facing incident response engagements, collaborating closely with your team to guide clients through the entire incident response lifecycle from detection to recovery.

Your Role In Action
- Build and cultivate strong client relationships based on trust, open communication, and collaborative problem-solving.
- Work closely with the Chief Delivery Officer, the broader Engagement Lead team, and the Forensic Consulting team to lead and oversee active client-facing incident response engagements, to guide clients through the entire incident response lifecycle from detection to recovery.
- Conduct scoping calls with clients to define the incident scope, objectives, and expectations of each engagement, providing regular client updates.
- Work closely with the Project Management team, other Engagement Leads and the Forensic Consulting team to ensure effective coordination of resources and expertise on client matters.
- Provide well-informed solutions that go beyond immediate client challenges to achieve long-term security goals.
- Communicate complex cybersecurity concepts both internally and externally and produce clear and concise verbal and written reports detailing incident findings and analysis.
- Invest in career development and provide mentorship to a team size ranging from 3-5 Forensic professionals and/or members of the Principal Engagement Lead team.
- Openly share knowledge and information with team members, cultivating a culture of continuous learning and staying up to date on industry trends, emerging threats, and best practices.
- Collaborate with internal teams, external partners, and clients to refine and document incident response processes and best practices.
- Partner with Product and Marketing to contribute to Surefire Cyber content and attend various industry conferences or events as needed.
- Provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.

Your Expertise
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, related degree, or relevant professional work experience in these disciplines.
- Former professional experience in leading and managing active cybersecurity engagements, including incident response, digital forensics investigations, and interaction with clients, legal counsel, and cyber insurers.
- Former professional experience in providing mentorship and career development, leading teams ranging in size from 3-5 members.
- Experience in conducting security investigations in Linux and Windows environments.
- Understanding of cloud platforms and security considerations within AWS (Amazon Web Services), Azure, and GCP (Google Cloud Platform).
- Knowledge of digital forensic artifacts and tools such as ELK, Axiom, Encase, FTK (Forensic Tool Kit), Volatility, or Open-Source tools.
- Proficiency in conducting forensic analysis, threat assessments, and post-incident reviews.
- Eagerness to learn from the team, grow your knowledge, and teach your colleagues.
- Ability to provide after-hours (on-call/weekend rotational) support as required to address critical incidents and maintain continuous coverage.

Expertise in all these areas is not required, but you should be excited by the opportunity to learn new things and comfortable with working with other team members to expand your knowledge base and experience. We at Surefire Cyber invite you to apply even if you do not feel you have mastery in all the requirements listed on the job description and welcome a further discussion.

Interview Process
- Submit interest and application on our website
- Preliminary phone interview with the Talent & People Team (approx. 30 minutes)
- Virtual/Teams interview with Engagement Leads (approx. 60 minutes)
- Virtual/Teams interview with DFIR Consultants (approx. 60 minutes)
- Virtual/Teams interview with Chief Delivery Officer (approx. 45 minutes)
- Mock Scenario Interview (approx. 60 minutes)
- Virtual/Teams interview with CEO (Chief Executive Officer) (approx. 30 minutes)

Please note that we reserve the right to modify the process at any time.

#LI-Remote

Benefits for Full-Time Surefire Cyber Team Members
- Competitive compensation plan and total rewards package for team members
- Remote workforce
- Generous paid time off plan and floating holidays
- Paid parental leave
- Employer paid premiums for both team members and their dependents for medical, dental, and vision
- Comprehensive health, vision, dental, 401K matching program, disability, Flexible Spending Accounts (FSA), Health Savings Account (HSA), Life and AD&D benefits.
- Professional development and career advancement opportunities
- We prioritize employee growth and development through a robust performance management platform to provide ongoing coaching, clear feedback, recognition, and opportunities for career growth.

Note: Internship roles are not eligible for Surefire’s full-time benefits package. Internship-specific details will be shared during the interview process.

Surefire Cyber is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex, or gender (including pregnancy, childbirth, and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances.

United States
$185K - $200K / year