Job description

Summary/Objective Founded in 2006, CyberClan is dedicated to solving intricate cybersecurity challenges by safeguarding data and ensuring business continuity. Our Global Incident Response Teams operate around the clock, ready to respond to cyber attacks with our proven strategies. Our mission is to restore business operations swiftly while minimizing disruption. We are seeking a proactive and detail-oriented Systems Support Administrator to join our IT team. This senior-level role is suited for a candidate with a solid background in systems administration who is eager to advance their career. In this position, you will manage and support clients' servers, systems, and IT infrastructure, while also working on initiatives that enhance their technological environment. You will mentor junior team members and juggle multiple projects simultaneously. This role involves engaging with a variety of networking technologies, including wired, wireless, and cloud-based solutions. Please note that extensive travel to various locations will be required, often on short notice. Reporting to the Global Head of Digital Forensics & Incident Response, the chosen candidate will be part of the Post Breach Remediation team and will serve as the Incident Commander for both on-site and remote incidents. You will collaborate closely with various cross-functional teams within the organization. Essential Functions • Assist the DFIR team with imaging, data acquisition, and agent installation for compromised clients on-site. • Support the scoping of new engagements, guiding clients from discovery through mitigation and remediation. • Lead the rebuilding and restoration of compromised systems and networks, ensuring security and operational capability. • Implement best practices and security measures to fortify systems against future attacks, including firewall, VPN, and group policy configurations. • Maintain open communication with the DFIR team and Sales regarding compromised clients. • Assist DFIR team with additional workflows through incident response cases. • Effectively communicate with clients to assess needs, provide updates on remediation, and advise on improving their cybersecurity posture. • Create custom scripts, tools, or methodologies to enhance CyberClan's incident response processes. • Stay updated on the latest cybersecurity threats and remediation techniques. • Record detailed remediation activities, configurations, and changes for auditing and compliance. • Identify long-term client requirements for handover to Sales teams. • Research vendor solutions to enhance client experiences and elevate recommendations to Leadership. • Develop workflows, playbooks, and best practices for regional application. • Communicate investigative findings and strategies to client stakeholders across various levels. • Provide immediate, actionable security advice to clients facing active cyber threats. • Triage high-stakes security events and apply security controls for effective threat management. • Recognize attacker tools and techniques, codifying them into indicators of compromise for future use. • Deliver in-person and digital training to clients and stakeholders. • Serve as a systems administrator for SaaS, on-premises, and Cloud platforms. • Translate stakeholder requests into application functionality effectively. • Design tools workflows and document system setups. • Create system integrations and troubleshoot as required. • Design, install, maintain, and support network infrastructure hardware and software. • Participate in on-call rotations for after-hours critical infrastructure support. • Adapt to changing priorities and undertake additional duties as necessary. Required Skills, Experience, Degrees or Certification • 4-6 years' experience in a Network Administrator, Server Engineer, or similar role. • Degree in information technology, computer science, or related field; relevant certifications preferred (e.g., Cisco CCNA, CompTIA Security+). • Project management and IT framework training and certifications are assets. • Strong knowledge of network, server, storage, data center, firewall, virtualization, Active Directory, and authentication technologies. • Experience with major brand networking devices, firewalls, and virtualization technologies. • Ability to configure and maintain web services, databases, and perform SQL scripting. • Proficient in M365 product suite, including Azure, OneDrive, SharePoint, and their security configurations. • Hands-on project experience in network design, server migration, cybersecurity policies, disaster recovery, and high-availability infrastructure. • Excellent oral and written communication skills; strong problem-solving and organizational abilities. • Self-motivated and customer-oriented with a commitment to continuous learning and professional growth. • Strong analytical skills in a cybersecurity setting; experience with malware identification. • Familiarity with various server environments, Windows Domains, and cloud services. • Proficient in network protocols and traffic analysis; scripting or programming knowledge is a plus. Preferred Skills, Experience, Degrees or Certifications • Technical certifications such as CISSP, OSCP, GCIH, GCFA, or related are preferred. • Experience with penetration testing and red teaming. • Familiarity with MacOS and Linux distributions. • Background working with law enforcement. • Experience interacting with the Dark Web and Threat Actors. Job Type Full-time/Exempt Location 100% Telecommuting % of Travel Required Up to 70% Physical Requirements Prolonged periods of sitting at a desk and working on a computer. CyberClan is an equal opportunity employer. All applicants will be considered for employment regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, or disability status.

Requirements