GuidePoint Security
We help organizations make smarter cybersecurity decisions that minimize risk.
Recovery and Restoration Engineer
Location: United States
Posted: 1 day ago
Salary: Not specified
Tags: 4 yrs exp, English, Azure, Cloud, DNS, Python, VMware
Job Description
• Manage IT recovery projects involving on-premises endpoint and network infrastructure, Azure AD, and Microsoft 365
• Develop technical remediation and restoration plans tailored to the impact on a client's environment, with oversight from senior engineers
• Implement network containment on common firewall platforms in preparation for recovery efforts
• Rebuild Active Directory domains, DNS/DHCP, and GPO structures to a clean baseline
• Restore and validate virtualized workloads (VMware, Hyper-V) and critical file/application servers
• Recover and secure Azure AD identities, Conditional Access, and synchronization with on-prem AD
• Rebuild Exchange Online, SharePoint, OneDrive, and Teams configurations
• Validate and restore data from backups (Veeam, Rubrik, Datto, etc.) ensuring integrity and cleanliness
• Utilize common remote management tools to assist impacted clients remotely
• Apply industry standard Microsoft hardening guidelines throughout recovery processes
• Implement common compliance controls, such as MFA, Defender for Office 365, and Purview
• Develop automation scripts (PowerShell/Python) for recurring recovery workflows
• Document rebuilt configurations and provide client recommendations for hardening and post-incident validation
• Mentor and provide technical guidance to junior engineers during recovery engagements
• Participate in after-hours response rotations
• Travel to client sites as required to perform critical recovery activities and on-site validation (up to 50%)
Job Requirements
- 4–7 years of experience in infrastructure engineering roles, preferably within consulting, MSP, or IR/recovery efforts
- Strong knowledge of Windows Server, Active Directory, Azure AD, and Microsoft 365 administration
- Solid experience with VMware or Hyper-V virtualization platforms
- Proficiency in PowerShell scripting (experience with AzureAD, ExchangeOnline, Graph API modules preferred)
- Working knowledge of backup restoration workflows and immutable storage systems
- Strong understanding of identity security, Conditional Access, Defender for Cloud Apps, and Exchange Online Protection
- Experience with common firewall platforms and network segmentation concepts
- Proven experience in recovery or rebuild scenarios post-incident (ransomware or other destructive attacks)
- Ability to identify common persistence mechanisms and rebuild clean environments under tight timelines
- Working knowledge of NIST CSF, CIS benchmarks, and insurance-driven recovery requirements
- Understanding of threat actor tactics and methods to ensure complete remediation
- Strong communication and documentation skills across technical and non-technical stakeholders
- Proven ability to work alongside IR firms, legal counsel, and insurers during live recovery engagements
- Capable of guiding junior engineers and contributing to structured rebuild methodologies
- Ability to manage multiple priorities and coordinate with various teams during high-pressure situations
- Calm and decisive under pressure; able to prioritize critical-path recovery items
- Highly organized with a disciplined approach to communicating recovery milestones, task tracking, and reporting
- Willingness to travel up to 50% to client environments as needed for hands-on rebuilds and validation
- Self-motivated with strong problem-solving skills and attention to detail
Benefits
- Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans)
- Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
- 12 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
- Pet Benefit Option