Consulting Director, Incident Recovery Operations

Summary

Join Palo Alto Networks as a Unit 42 Recovery Specialist and play a critical role in assisting customers with rebuilding and restoring their computing and networking environments after security incidents. Collaborate with the Unit 42 service delivery team, lead external recovery partners, and liaise with diverse customer contacts. Clearly articulate technical risks and recovery progress to stakeholders. Leverage expertise in networking and security solutions to guide customers through recovery processes, ensuring best practices are adopted. This hands-on role requires technical skills and exceptional communication to address complex issues and deliver innovative solutions for a secure environment. You will develop a unified approach to restoring technological infrastructure, lead third-party vendors, guide customers in implementing security standards, and proactively communicate project status. Expect after-hours and weekend on-call support and travel up to 50% of the time.

Requirements

• Prior implementation and/or troubleshooting of the following areas: Active Directory, DNS, network configuration, enterprise software deployment, endpoint detection and associated performance degradation, SIEM and log management, cloud environments and other applicable security platforms
• Minimum of ten years experience in information technology, systems administration, or network administration, with a minimum of three years experience managing security solutions in enterprise environments
• Ability to remain calm, composed and articulate when dealing with high-pressure situations
• Excellent written and verbal communication skills, including the ability to distill and convey complex technical concepts, findings, and recommendations to client stakeholders who possess varying levels of subject-matter expertise
• Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience or equivalent military experience to meet job requirements and expectations

Responsibilities

• Develop (in collaboration with the Incident Response lead) a unified and holistic approach to restoring technological infrastructure in the midst and/or aftermath of a cyber security incident
• Develop strategic processes to allow the client to cleanly and safely bring systems back into production
• Lead and oversee third-party vendors to ensure that recovery and restoration activities are conducted in accordance with Unit 42 standards and in a cohesive manner
• As a trusted advisor, guide Unit 42 customers through implementing security standards and best practices in the context of restoring operations
• Proactively identify and communicate project status, risks and issues with the client contact(s) and the Unit 42 engagement lead(s)
• Provide after-hours and weekend on-call coverage as needed to support engagement activities
• Partner with the relevant account teams to understand customers’ prior investments in PANW offerings and ensure that recommendations for expansion are presented in a methodical and sensible manner
• Travel as needed to customer locations in EMEA , often with minimal advance notice, up to 30 - 50% of the time
• Other tasks and duties as needed to support the customer and/or business

Preferred Qualifications

Prior experience in consulting or other client-facing roles