Remote
8 days ago
Principal Recovery Specialist
The Role:

Halcyon’s goal is to deliver an anti-ransomware solution that breaks new ground as to what a security product can deliver. Halcyon’s primary focus is ransomware recovery through our key capture technology. Aligned with this focus, Halcyon is adding a Principal Recovery Specialist to lead and deliver consulting services related to our platform.

The Principal Recovery Specialist will personally deliver high-touch customer service to victims of ransomware while leveraging advanced technical, forensic and communication skills in fast-paced projects, and will provide direction and support to other Halcyon Recovery Specialists as required. We’re looking for someone capable of effectively managing the pace and lifestyle of incident response while providing the attention to detail necessary to deliver value in stressful situations.

Responsibilities:

Execute the day-to-day activities of ransomware recovery projects, which requires engaging professionally with a diverse group of insurance, incident response, and client (executive and technical) staff

Provide guidance and support to other Halcyon Recovery Specialists in the execution of their ransomware recovery projects as required

Coordinate with technical employees at victims to configure and orchestrate all necessary steps to execute Halcyon’s project methodology

Analyze and assess the status of recovery projects (your own and those of others as needed) to set goals and initiatives to successfully progress through a recovery project

Create and provide reporting and status updates to a diverse set of stakeholders on a timely basis

Work closely with Halcyon’s engineering team to provide feedback on Halcyon tools and technologies for product enhancements or troubleshooting

Provide recommendations and implement improvements to all components of the Halcyon recovery project methodology to improve client outcomes and value realization

Skills and Qualifications:

BA/BS degree or 10+ years of relevant work experience in an IT-related field – specifically in a Windows or Linux system administration or equivalent role

3+ years of experience in a customer-facing role either in information security consulting, managed services or technical support

Strong customer service focus, with the ability to communicate with highly technical management teams

Ability to properly prioritize and execute multiple assignments simultaneously in a fast-paced, high-growth environment

A willingness to lead by example and participate actively in the workload

Excellent verbal and written communication and presentation skills

Maintains a positive attitude and quickly adapts to change

Technical Knowledge:

Windows software installation, monitoring, remote access configurations and components of Windows based security, including but not limited to: user / group permissions, file / folder permissions, group policies, local security policies, etc.

Good understanding of the Windows operating system and analysis/debugging tools such as Sysinternals Suite

Similar topics as above related to Linux systems administration

Familiarity with programming in Python with examples of projects and/or how they contributed to past solutions and success

Strong proficiency in using command-line interfaces on both Windows (PowerShell, Command Prompt) and Linux (Bash, shell scripting) for system administration, troubleshooting, and automation.

Implementation and management of virtualization solutions including but not limited to: ESXi, HyperV, VirtualBox, etc.

Installing, configuring, and administering network technologies or protocols including RDP, SSH, DHCP, DNS, proxies, etc.

Advanced file and system forensics capabilities demonstrating knowledge in NTFS, MFT, FAT, VMFS, etc.

Familiarity with using a hex editor to analyze files, detect file formats, and identify discrepancies

Experience with GitLab, GitHub, or other repository management systems

Familiarity with building existing software projects from source

Good understanding of OSI Model, TCP/IP protocol suite (IP, ARP, ICMP, TCP, UDP, SMTP, FTP, TFTP)

Experience with common software deployment tools such as Microsoft InTune, SCCM, BigFix, etc.

Technical Skills:

Windows Administration: Installation, monitoring, and remote access configuration. Strong understanding of Windows-based security, including user/group permissions, file/folder permissions, Group Policy Objects (GPOs), and local security policies.

Linux Administration: Similar working knowledge of system security, user management, permissions, process control, and system logging

Command-Line Proficiency: Strong ability to use command-line interfaces on both Windows (PowerShell, Command Prompt) and Linux (Bash, shell scripting) for system administration, troubleshooting, and automation

System Analysis & Debugging: Good understanding of the Windows operating system, including tools such as the Sysinternals Suite (Process Explorer, Procmon, Autoruns, etc.)

Scripting & Automation: Ability to write and modify scripts in Python, including examples of how scripting has contributed to past solutions and successes.

Virtualization Management: Implementation and management of virtualization solutions, including but not limited to VMware ESXi, Microsoft Hyper-V, VirtualBox, and experience working with virtualized environments

File System & Digital Forensics: Advanced understanding of file systems and forensic analysis, including NTFS, MFT, FAT, VMFS, and experience using forensic tools for analysis

Low-Level File Analysis: Familiarity with hex editors to analyze file structures, detect file formats, and identify anomalies

Software Compilation & Deployment: Familiarity with building software projects from source, troubleshooting dependencies, and handling build systems in Linux and Windows

Enterprise Software Deployment: Experience with common software deployment tools such as Microsoft InTune, SCCM, BigFix, or similar enterprise management platforms

Bonus Skills and Qualifications:

Experience as a penetration tester or other offensive security professional

Experience as an incident responder with examples of cases handled and their outcomes

Familiarity with programming in C, C++, Rust

Experience with software development involving implementation of cryptosystems or cryptographic primitives

This role may require traveling on short notice to a client site up to 50% of the Monday-Friday working days within a year. Historic rates have shown travel utilization of less than 25% in the past 12 months, but the willingness and ability to travel frequently within 24-48 hours' notice is a must.

Benefits:

Halcyon offers the following benefits to eligible employees:

Comprehensive healthcare (medical, dental, and vision) with premiums paid in full for employees and dependents.

401k plan with a generous employer contribution.

Short and long-term disability coverage, basic life and AD&D insurance plans.

Medical and dependent care FSA options.

Flexible PTO policy.

Parental leave.

Generous equity offering.

The Company reserves the right to modify or change these benefits programs at any time, with or without notice.

Base Salary Range: $150,000 - $190,000
