Job Title: Senior Technical Lead Ransomware Restoration - CONTRACT ONLY
About the Role
The Senior Technical Lead is responsible for overseeing key technical workstreams during ransomware restoration events. In this role, you will manage the hands-on recovery of client environments affected by cyber incidents, ensuring that systems, infrastructure, and operations are restored quickly and securely.
This position calls for sharp technical acumen, strong problem-solving capabilities, effective communication, and the ability to lead teams in high-pressure, time-sensitive situations. You'll coordinate with internal engineering teams, digital forensics experts, external breach counsel, and client stakeholders to drive successful outcomes across U.S. and international engagements.
Key Responsibilities
Workstream Oversight
- Provide oversight and direction on technical recovery workstreams, ensuring consistent execution across all facets of the engagement.
- Allocate engineering resources appropriately based on skillsets and project needs.
- Support resource planning, budgeting, and staffing coordination for optimal engagement outcomes.
Client Interaction
- Serve as a technical point of contact for clients, addressing unique recovery challenges in real time.
- Participate in collaborative communication channels (e.g., Teams, Slack, Signal) and maintain discretion in sensitive or high-impact scenarios.
- Ensure transparency and clarity in progress reporting throughout the engagement.
Reporting & Documentation
- Deliver daily updates to internal teams and clients regarding restoration status and technical blockers.
- Contribute to the creation and refinement of technical documentation, SOPs, and client-specific playbooks.
- Analyze team performance, productivity, and utilization metrics to optimize delivery models.
Global Support
- Provide remote and on-site support for engagements in the U.S., EMEA, and APAC as needed.
- Navigate time zone demands to ensure global client satisfaction and continuous restoration progress.
Core Technical Requirements
Competent-Level Skills
- Network Routing/Switching: Port configs, MAC/ARP tables, static routes
- Backup Infrastructure: Installations, job creation, server rebuilds (with guidance)
Advanced-Level Skills
- VMware & Hyper-V: Host/server builds, virtual machine configurations
- Firewalls: VPN config, log exports, S2S tunnels, AD & MFA integration
- Storage: LUN & iSCSI troubleshooting, SAN/NAS environment rebuilds
Proficient-Level Skills
- Active Directory: Full domain services config, NPS/CA roles, Entra ID sync
- Trusts, Sites & Services: Domain trust recreation and troubleshooting
Expert-Level Skills
- EDR/XDR: Deployment, troubleshooting, alert analysis, reporting
- Forensic Collections: Imaging, executable failures, log handling across platforms
Ideal Candidate Profile
- Thrives in fast-moving environments and adapts quickly to shifting client needs
- Demonstrates leadership in both technical execution and cross-team collaboration
- Maintains a high standard for operational quality, process integrity, and documentation
- Comfortable interfacing directly with clients during high-pressure incidents