Consulting Director, Incident Recovery Operations

Summary

Join Palo Alto Networks as a Unit 42 Recovery Specialist and play a critical role in assisting customers with rebuilding and restoring their computing and networking environments after security incidents. You will lead and oversee external recovery partners, liaise with customer contacts, and articulate technical risks and recovery progress to diverse stakeholders. Your expertise in networking and security will guide customers through recovery processes, ensuring they adopt best practices. This hands-on role requires technical skills and exceptional communication to address complex issues and deliver innovative solutions. You will develop a unified approach to restoring infrastructure, lead third-party vendors, guide customers in implementing security standards, and proactively communicate project status. The position involves after-hours and weekend on-call coverage and up to 50% travel to customer locations in North America.

Requirements

• Prior implementation and/or troubleshooting of the following areas: Active Directory, DNS, network configuration, enterprise software deployment, endpoint detection and associated performance degradation, SIEM and log management, cloud environments and other applicable security platforms
• Minimum of ten years experience in information technology, systems administration, or network administration, with a minimum of three years experience managing security solutions in enterprise environments
• Ability to remain calm, composed and articulate when dealing with high-pressure situations
• Excellent written and verbal communication skills, including the ability to distill and convey complex technical concepts, findings, and recommendations to client stakeholders who possess varying levels of subject-matter expertise
• Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience or equivalent military experience to meet job requirements and expectations

Responsibilities

• Develop (in collaboration with the Incident Response lead) a unified and holistic approach to restoring technological infrastructure in the midst and/or aftermath of a cyber security incident
• Develop strategic processes to allow the client to cleanly and safely bring systems back into production
• Lead and oversee third-party vendors to ensure that recovery and restoration activities are conducted in accordance with Unit 42 standards and in a cohesive manner
• As a trusted advisor, guide Unit 42 customers through implementing security standards and best practices in the context of restoring operations
• Proactively identify and communicate project status, risks and issues with the client contact(s) and the Unit 42 engagement lead(s)
• Provide after-hours and weekend on-call coverage as needed to support engagement activities
• Partner with the relevant account teams to understand customers’ prior investments in PANW offerings and ensure that recommendations for expansion are presented in a methodical and sensible manner
• Travel as needed to customer locations in North America, often with minimal advance notice, up to 50% of the time
• Other tasks and duties as needed to support the customer and/or business

Preferred Qualifications

Prior experience in consulting or other client-facing roles

Benefits

The offered compensation may also include restricted stock units and a bonus