Job Description

Secureworks (NASDAQ: SCWX) a global cybersecurity leader, enables our customers and partners to outpace and outmaneuver adversaries with more precision, so they can rapidly adapt and respond to market forces to meet their business needs. With a unique combination of cloud-native, SaaS security platform and intelligence-driven security solutions, informed by 20+ years of threat intelligence and research, no other security platform is grounded and informed with this much real-world experience. www.secureworks.com

We enjoy competitive compensation and benefits packages, and reward and recognize our employees for exceptional results. A constant focus on continued learning and growth keeps our team members engaged and excited about whats next. We offer flexible work options when available, and emphasize the importance of work-life balance. We know that when our people are rewarded, recognized, and rejuvenated, we win as a team.

Role Overview:

The Incident Response Security Architect will be responsible for communicating, planning, and directing customers in preparation and response to major incidents affecting core infrastructure like Active Directory and Remote Access (VPN, RDP, MFA).

Willingness to travel up to 15% including at short notice

Role Responsibilities:

* Proactive Services regarding core security infrastructure:
* Work with customers to audit existing security controls, practices, and ability to gather relevant telemetry
* Be a key stakeholder in customer facing runbooks
* Provide SME input to SCWX counter measures and malware analysis teams
* Mentor/Train teams and help keep them updated with changes, regarding analysis
* Reactive Services regarding core security infrastructure:
* Supervise and coordinate with multiple teams, including customer and other external entities, participate in various workstreams (such as AD Review or MFA implementation team)
* Guide cybersecurity incident response monitoring and auditing activities for customer engagements. Develop detailed tasks for customers to execute during a cybersecurity incident, such as:
* Auditing tasks
* Monitoring tasks
* Enterprise wide credential reset, including Unix environments
* Scripts to enhance and enforce security of AD environment
* Develop architectural recommendations and advice during a cybersecurity incident, such as:
* Implementation of MFA
* Modification of Remote Access processes
* Gathering, Recording, Retaining Telemetry (Logging)

Requirements:

* Minimum 5 years security architecture experience
* Minimum 5 years Microsoft Windows Active Directory Experience

Preferences:

* Undergraduate degree in a technical field strongly preferred
* undergraduate and Graduate degree in Computer Science or directly related, i.e. Computer Forensics
* Consulting experience with large external customers, preferably with large multinational organizations
* Project management experience working with multiple teams, to include negotiating timelines and project requirements
* Proficient in bash and PowerShell scripting
* Implementation of security best practices technologies, including features in Windows 10
* Prior experience as systems administrator in an enterprise environment
* Implementation of multifactor authentication in enterprise environment

LI-Remote

Secureworks (A Dell Technologies Company) is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Secureworks are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Secureworks will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Secureworks here