73 applicants

Company

Secureworks · 4 days ago

Incident Response Consultant - Identity & Active Directory - US (remote)

Minnesota, United States

Full-time

Remote

Senior Level, Lead/Staff

9+ years exp

Maximize your interview chances

Cyber SecurityInformation Technology

H1B Sponsor Likely

Insider Connection @Secureworks

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Understand customers' exposure to poor identity practices and advise customers on practical steps to improve their security posture.

Train customers on how to defend their AD, by demonstrating how AD attacks work.

Work with customers to audit existing security controls and practices around identity management with AD/Entra ID.

Be a key stakeholder in customer facing runbooks.

Provide SME input to Taegis detector authors in order to develop detectors for identity-based attacks.

Share knowledge with wider IR practice regarding identity-based threats in on-prem AD and Entra ID.

Work with Incident Commanders and other Incident Response Consultants during incident response investigations where identified intrusion activity necessitates AD SME support.

Guide customers through the journey of regaining control of their AD after it has been compromised by a threat actor.

Advise customers on immediate AD hardening steps that can be taken to maintain control of AD after an eviction effort.

Develop architectural recommendations during a cybersecurity incident to improve the resilience of customers' AD.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Microsoft Active DirectoryMicrosoft Entra IDConsulting experienceProject managementIdentity securityAD data enumerationSystems administration

Required

Minimum 9 years Microsoft Active Directory experience

Minimum 1 year Microsoft Entra ID experience

Willingness to travel up to 10%, including on short notice

Willingness to directly work with multiple customers on different engagements in parallel

Excellent written and oral communication skills

Enjoys explaining complex technical issues to make non-technical audiences understand the 'so what?'

Preferred

Consulting experience with large external customers, preferably with large multinational organisations

Project management experience working with multiple teams, to include negotiating timelines and project requirements

Keen interest in the security aspects of identity

Familiarity with collecting and enumerating AD data

Experience as systems administrator in an enterprise environment

Company

Secureworks

Glassdoor

3.4

SecureWorks is a security service provider offering network, IT, and managed security solutions. It is a sub-organization of Dell Technologies.

Founded in 1999

Atlanta, Georgia, USA

1,001-5,000 employees

http://www.secureworks.com

H1B Sponsorship

Secureworks has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2023 (20)

2022 (39)

2021 (58)

2020 (53)