Technical Advisor - Remote

Join to apply for the Technical Advisor - Remote role at Arete

1 day ago Be among the first 25 applicants

Join to apply for the Technical Advisor - Remote role at Arete

The Technical Advisor works with an incident response engagement team to assist the Engagement Lead and manages the restoration tasks to ensure the successful forensic investigation and restoration of clients from network intrusions. The Technical Advisor is the technical engagement leader for the Tiger Team and is accountable for providing deeper technical expertise. This role is responsible for managing technical tasks and resources and staying up to date on best practices and emerging trends of cyber attacks.

This is a hands-on, technical role that requires working and communicating effectively with both internal team members and external clients.



Roles & Responsibilities

• Partners with the Engagement Lead (EL) to manage the overall technical tasks during an engagement
• Assists the Client with the completion of immediate actions
• Assists the Client with Sentinel One (S1) agent installation and troubleshooting
• Ensures data preservation steps are taken and assists with forensic collections
• Manages Infrastructure Recovery/Restoration and Decryption/Remediation efforts
• Reviews backup solutions and assists with the validation of backups
• Consults on the resolution of all technical issues such as EDR deployment, troubleshooting, forensics collections, and onsite restoration
• Ensures the Strategic Plan contains comprehensive technical details and identifies additional technical resources based on Strategic Plan task list and milestones set by the EL
• Serves as an internal expert on the entire engagement lifecycle and portfolio of services at a technical level
• Serves as an escalation point for Technical Advisor, Engineer, and Technician positions for both technical and non-technical issues
• Ensures all activities, findings, and hourly time are properly documented
• Backfills the EL as needed on kickoff calls and daily update calls, etc. and may also fill in for other team members such as SOC or Forensics, depending on their experience and skillset
• Interfaces with the client's technical team members, outside technical teams, the EL, the Project Manager and other Arete Teams to ensure the overall technical success of the engagement
• Clearly articulates technical recommendations for enhancing client cybersecurity and/or IT infrastructure both verbally and in in writing (as directed by Counsel)
• May train or mentor other technical roles
• Identifies and escalates underperforming team members to help expedite Client recovery efforts and identify mentoring opportunities
• Prioritizes, actions upon, and delegates instructions and tasks provided by the EL
• May perform other duties as assigned by management

• General knowledge of the Incident Response lifecycle and the tools and processes leveraged over the entire engagement
• Ability to communicate technical subject matter to a non-technical audience
• Sufficient knowledge of all Arete core offerings, processes, and internal/proprietary tools
• Ability to lead projects with multiple stakeholders and resolve conflicts
• Strong influential leadership and interpersonal skills, professional presence and experience collaborating with peers on remote teams
• Strong communication and problem-solving skills
• Customer service focused with proven ability to manage multiple priorities
• Innovative and creative thinking skills
• Previous experience scripting for automation (Power Shell, Bash, Python).
• Familiarity with industry standard incident response and forensics threat hunting software and toolsets
• Working knowledge of networking to include DHCP, DNS, Subnetting, VLANs, and authentication., and the ability to troubleshoot and resolve issues
• General knowledge of data encryption technologies
• Ability to read and understand basic network diagrams
• Familiarity with small to large size network and systems environments
• Basic experience identifying persistence mechanisms and developing client specific remediation steps
• Experience with basic collections and troubleshooting basic collection methods (ie. powered on VM with space constraints)
• Experience setting up, configuring, and troubleshooting backup and restore operations
• Data recovery experience, basic understanding of data structures, file system formats, RAID configurations, and storage configurations

• A Bachelors/technical degree and 6 years of experience relevant experience working in IT operations and administrating IT systems, or equivalent experience.
• Technical Certifications, Cisco Networking, Security +, Microsoft Server/Azure, etc., preferred
• Advanced knowledge of multiple technologies:
  Multi-factor Authentication, Storage solutions, Hypervisors, Operating Systems, Networking, System Administration, Remote Monitoring and Management tools (RMMs), Log Aggregation and Collections, etc.
• Thorough knowledge in at many of the following areas: virtualization, Windows Server, Linux/Unix, LDAP/Active…