Principal Recovery Specialist

Summary

Join Halcyon, a leading anti-ransomware solution provider, as a Principal Recovery Specialist. You will lead and deliver high-touch consulting services to ransomware victims, leveraging advanced technical and forensic skills. This role involves managing incident response, providing detailed analysis, and collaborating with clients and internal teams. You will guide other recovery specialists, contribute to product enhancements, and improve recovery methodologies. The position requires strong technical expertise in Windows and Linux systems, forensics, and scripting. Halcyon offers a remote-native work environment and a comprehensive benefits package.

Requirements

• BA/BS degree or 10+ years of relevant work experience in an IT-related field – specifically in a Windows or Linux system administration or equivalent role
• 3+ years of experience in a customer-facing role either in information security consulting, managed services or technical support
• Strong customer service focus, with the ability to communicate with highly technical management teams
• Ability to properly prioritize and execute multiple assignments simultaneously in a fast-paced, high-growth environment
• A willingness to lead by example and participate actively in the workload
• Excellent verbal and written communication and presentation skills
• Maintains a positive attitude and quickly adapts to change
• Windows software installation, monitoring, remote access configurations and components of Windows based security, including but not limited to: user / group permissions, file / folder permissions, group policies, local security policies, etc
• Good understanding of the Windows operating system and analysis/debugging tools such as Sysinternals Suite
• Similar topics as above related to Linux systems administration
• Familiarity with programming in Python with examples of projects and/or how they contributed to past solutions and success
• Strong proficiency in using command-line interfaces on both Windows (PowerShell, Command Prompt) and Linux (Bash, shell scripting) for system administration, troubleshooting, and automation
• Implementation and management of virtualization solutions including but not limited to: ESXi, HyperV, VirtualBox, etc
• Installing, configuring, and administering network technologies or protocols including RDP, SSH, DHCP, DNS, proxies, etc
• Advanced file and system forensics capabilities demonstrating knowledge in NTFS, MFT, FAT, VMFS, etc
• Familiarity with using a hex editor to analyze files, detect file formats, and identify discrepancies
• Experience with GitLab, GitHub, or other repository management systems
• Familiarity with building existing software projects from source
• Good understanding of OSI Model, TCP/IP protocol suite (IP, ARP, ICMP, TCP, UDP, SMTP, FTP, TFTP)
• Experience with common software deployment tools such as Microsoft InTune, SCCM, BigFix, etc

Responsibilities

• Execute the day-to-day activities of ransomware recovery projects, engaging professionally with insurance, incident response, and client staff
• Provide guidance and support to other Halcyon Recovery Specialists in executing their ransomware recovery projects as required
• Coordinate with technical employees at victims to configure and orchestrate all necessary steps to executing Halcyon’s project methodology
• Analyze and assess the status of recovery projects to set goals and initiatives to successfully progress through a recovery project
• Create and provide reporting and status updates to a diverse set of stakeholders on a timely basis
• Work closely with Halcyon’s engineering team to provide feedback on Halcyon tools and technologies for product enhancements or troubleshooting
• Provide recommendations and implement improvements to all components of the Halcyon recovery project methodology to improve client outcomes and value realization

Preferred Qualifications

• Experience as a penetration tester or other offensive security professional
• Experience as an incident responder with examples of cases handled and their outcomes
• Familiarity with programming in C, C++, Rust
• Experience with software development involving implementation of cryptosystems or cryptographic primitives

Benefits

• Comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents
• 401k plan with a generous employer contribution
• Short and long-term disability coverage, basic life and AD&D insurance plans
• Medical and dependent care FSA options
• Flexible PTO policy
• Parental leave
• Generous equity offering