Restoration and Recovery Lead jobs in United States
cer-icon
Apply on Employer Site
company-logo

S-RM · 1 month ago

Restoration and Recovery Lead

positionNew York
timeFull-time
remoteOnsite
senioritySenior Level
money$145K/yr - $195K/yr

S-RM is a global intelligence and cyber security consultancy, and they are seeking a Restoration and Recovery Lead to join their Incident Response practice. The role involves developing and executing restoration strategies for security incidents, primarily ransomware, and managing relationships with restoration partners to ensure effective recovery for clients.

Business IntelligenceCyber Security
badNo H1Bnote

Responsibilities

Developing restoration strategies during Incident Response cases: working alongside your colleagues in the Incident Response team, you will develop bespoke restoration strategies during live incidents, focusing on ensuring security and capability is maintained
Executing these strategies to help clients restore their operations quickly and securely: in partnership with client’s IT and security teams, you will lead on the execution of these strategies, restoring clients to operations in a quick and secure manner
Leading and developing relationships with supporting restoration partners: in cases where we need to surge additional resources through our partners, you will manage these relationships and direct the work of our partners to ensure S-RM’s standards are met
Capability development: you will contribute to the development of S-RM’s restoration and recovery capability, creating playbooks and providing training for the broader Incident Response team to ensure effective collaboration during cases
On-site Restoration Support: in some cases, it may be beneficial to support clients locally at their data centres or office locations. You may be expected to attend their sites during the early stages of restoration to help support these efforts
Due to the global nature of S-RM’s Incident Response team, this role requires working in shifts. The shift pattern will be finalised once all hires for this role have been made. However, in the interests of transparency, we expect the shift pattern will ensure coverage of core US working hours (Eastern Time) as well as weekends. Responsibility for unsociable shifts will be shared across the team
Variety of casework: no day will be the same. Our team responds to a huge variety of incidents for both public and corporate clients
Developing an understanding of Incident Response: you will have opportunities to broaden your security awareness into the wider incident response process, learning how restoration fits into the bigger picture of a response
Flexible working practices: responding to incidents can be intense, high-pressure work. We are mindful of our team’s work/life balance and offer flexible working options to support your wellbeing

Qualification

Incident ResponseCloud-hosted configurationActive DirectoryBackup solutionsNetwork appliance integrationMicrosoft Certified Systems AdministratorVirtualised Environment CertificationsNetwork Administration Certifications

Required

In-depth knowledge of on-premise, virtualised (ESXi / Hypervisor Technology) and Cloud-hosted (AWS/Azure/GCP) configuration and implementation
In-depth knowledge of Active Directory functions, implementation, and configuration, including integrations with Entra ID functionality
Comprehensive understanding of standard backup solution practices, restoration of data and preparing systems for introduction into production environments
Comprehensive understanding of general network appliance integration and configuration as well as security and network-based tooling implementations
The successful candidate must have permission to work in the United States by the start of their employment

Preferred

Relevant industry certifications are not required for this role. However, holding any of the following is beneficial: Microsoft Certified Systems Administrator (MCSA), Virtualised Environment Courses & Certifications (vCentre/vSphere), Network Administration Qualifications/Certifications

Benefits

20 days holiday per year in addition to 12 public holidays (+1 day for every day of service up to a maximum of 25 days);
Life insurance – 4x annual salary;
Matching pension contribution up to 6% (up to a maximum of 12% combined), and financial education;
Military Leave– to a maximum of 5 years;
Hybrid working and flexible working hours.
Fertility treatment leave – 5 days of leave per cycle of treatment per year;
Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
Paternity leave – 6 weeks of full pay.
100% Company paid private medical, dental and vision insurance for employee, partner and children;
Gym discounts for you and your partner;
EAP programme for you and your immediate family;
Free access to the world-famous mindfulness app Headspace.

Company

S-RM

twittertwittertwitter
Glassdoor3.7
company-logo
S-RM is a global intelligence and cyber security consultancy.
dateFounded in 2005
location
London, England, GBR
people-size201-500 employees
web-link
https://www.s-rminform.com/

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Heyrick Bond Gunning
CEO
linkedin
leader-logo
Kelly Rogers-Davison
Chief Financial Officer
linkedin

Recent News

AETOSWire
Andersen Consulting Elevates Cybersecurity Offering with the Addition of S-RM - AETOSWire
2025-12-10
UAE Business Review
Andersen Consulting Elevates Cybersecurity Offering with the Addition of S-RM
2025-12-09
Financial IT
S-RM Expands Global Incident Response Leadership Team, Appointing Casey O’Brien to Global Head of Incident Response
2025-11-25
Company data provided by crunchbase