Principal Consultant, Restoration and Remediation

United StatesFull-timePosted Jul 16, 2026

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Principal Consultant, Restoration and Remediation based in United States.

This role offers the opportunity to lead high-impact cybersecurity recovery engagements and help organizations regain control after major incidents.
You will serve as a senior technical leader, guiding complex restoration and remediation efforts across enterprise environments.
The position combines hands-on technical expertise, strategic advisory, and client leadership during critical security events.
You will collaborate with cross-functional teams to restore systems, strengthen resilience, and improve recovery capabilities.
Beyond client delivery, you will mentor consultants and contribute to the evolution of cybersecurity response practices.
This is a remote opportunity for an experienced professional who thrives in fast-paced, high-pressure environments and enjoys solving complex challenges.

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Principal Consultant, Restoration and Remediation based in United States.

This role offers the opportunity to lead high-impact cybersecurity recovery engagements and help organizations regain control after major incidents.
You will serve as a senior technical leader, guiding complex restoration and remediation efforts across enterprise environments.
The position combines hands-on technical expertise, strategic advisory, and client leadership during critical security events.
You will collaborate with cross-functional teams to restore systems, strengthen resilience, and improve recovery capabilities.
Beyond client delivery, you will mentor consultants and contribute to the evolution of cybersecurity response practices.
This is a remote opportunity for an experienced professional who thrives in fast-paced, high-pressure environments and enjoys solving complex challenges.

Accountabilities:

    As a Principal Consultant, Restoration and Remediation, you will lead complex cybersecurity recovery initiatives while providing technical direction, strategic guidance, and operational leadership. You will work closely with clients and internal teams to ensure effective recovery outcomes, improve response capabilities, and support long-term cyber resilience.

    • Lead end-to-end restoration and remediation efforts for complex cyber incidents, including ransomware attacks, major breaches, and targeted compromises.
    • Develop and execute technical recovery strategies across hybrid environments, including on-premises infrastructure, cloud platforms, and SaaS applications.
    • Oversee the restoration and hardening of critical systems such as Active Directory, Azure AD, Microsoft 365, Exchange, VPNs, firewalls, MFA solutions, and backup platforms.
    • Advise executive stakeholders, including technology leaders, legal teams, and insurance partners, on recovery strategies, timelines, risks, and resilience improvements.
    • Coordinate recovery workstreams across cybersecurity, IT, legal, and insurance stakeholders to maintain alignment and technical accuracy.
    • Serve as a technical escalation point, resolving complex challenges during high-pressure recovery engagements.
    • Mentor consultants through technical coaching, project guidance, feedback, and professional development support.
    • Create and review technical documentation, executive reports, recovery timelines, and post-incident lessons learned.
    • Improve internal methodologies, tools, playbooks, and training resources to strengthen restoration and remediation capabilities.
    • Support proactive cybersecurity services, including readiness assessments, tabletop exercises, and executive advisory engagements.
    • Participate in after-hours incident response rotations when major security events require additional support.
    • Requirements:

      The ideal candidate brings extensive cybersecurity, infrastructure, and incident response experience, combined with strong leadership skills and the ability to communicate effectively with both technical teams and executive stakeholders. You should be comfortable managing complex recovery situations and driving outcomes in rapidly changing environments.

      • 10+ years of professional experience in cybersecurity, incident response, systems administration, network engineering, or IT infrastructure roles.
      • Proven experience leading enterprise-scale recovery efforts following cybersecurity incidents, preferably in a consulting or client-facing environment.
      • Strong technical expertise with Active Directory, Azure AD, Microsoft 365, Exchange, Group Policy, virtualization platforms such as VMware, Hyper-V, or Citrix, and enterprise backup solutions.
      • Deep understanding of infrastructure recovery, network segmentation, identity restoration, endpoint security, and post-compromise remediation.
      • Ability to design and execute remediation plans alongside DFIR, SOC, cloud, and infrastructure teams.
      • Experience advising senior business, technical, legal, and insurance stakeholders during critical incidents.
      • Strong written and verbal communication skills, including experience delivering executive-level updates and technical reports.
      • Demonstrated ability to mentor and develop technical professionals within a team environment.
      • Knowledge of attacker tactics, techniques, procedures (TTPs), and their impact on recovery planning.
      • Relevant cybersecurity certifications such as CISSP, GCFA, MCSE, or OSCP are highly preferred.
      • Strong problem-solving skills, adaptability, ownership mindset, and willingness to continuously learn new technologies and approaches.
      • Benefits:

        • Competitive compensation package and comprehensive total rewards program.
        • Fully remote work environment.
        • Generous paid time off policy and floating holidays.
        • Paid parental leave.
        • Employer-paid medical, dental, and vision insurance premiums for employees and dependents.
        • Comprehensive benefits including 401(k) matching, disability coverage, flexible spending accounts (FSA), health savings account (HSA), life insurance, and AD&D coverage.
        • Professional development opportunities and career advancement support.
        • Ongoing coaching, feedback, recognition, and growth opportunities through structured performance management programs.
How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!  Why Apply Through Jobgether?    Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.     #LI-CL1

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free