Director, Post Breach Recovery/IR

Cypfer

$120K — $180K *
Miami, FL 33186In-Person
Information Technology
8 - 10 years of experience
More than 3 months ago
Job Overview by Ladders

Qualifications

  • 8+ years in cybersecurity, incident response, or enterprise infrastructure
  • Strong technical background in enterprise systems and identity architecture
  • Experience with Active Directory recovery and identity security
  • Hands-on familiarity with EDR, containment strategies, and remediation workflows
  • Experience leading technical teams during major cyber incidents
  • Ability to operate both strategically and hands-on when needed

Responsibilities

  • Lead technical recovery efforts during major cyber incidents
  • Direct teams rebuilding compromised infrastructure and identity platforms
  • Serve as a senior technical resource for complex recovery challenges
  • Guide containment, eradication, and recovery operations
  • Help design and execute secure rebuild strategies for enterprise environments
  • Communicate clearly with executives, legal teams, and technical stakeholders
  • Mentor and support consultants across multiple engagements
  • Contribute to the development of recovery playbooks and frameworks

Benefits

  • Inclusive work environment with a commitment to diversity
  • Opportunities for professional development and mentorship
  • Engagement with high-profile clients and complex projects
  • Participate in cutting-edge cybersecurity incident response initiatives
  • Autonomy to operate strategically and hands-on as needed
Full Job Description
Director, Post Breach Recovery/IR

We are looking for an experienced Director, Cybersecurity - Post Breach Recovery/IR to lead complex post-breach remediation and ransomware recovery engagements.

This role requires a technical leader who can guide teams through containment and recovery while also serving as a deep technical resource when complex problems arise. Our consultants regularly rebuild compromised enterprise environments, and this Director will play a key role in both leading engagements and supporting the technical direction of the team.

The ideal candidate brings strong hands-on infrastructure and security experience combined with the ability to lead teams during high-pressure cyber incidents.

Key Responsibilities
  • Lead technical recovery efforts during major cyber incidents
  • Direct teams rebuilding compromised infrastructure and identity platforms
  • Serve as a senior technical resource for complex recovery challenges
  • Guide containment, eradication, and recovery operations
  • Help design and execute secure rebuild strategies for enterprise environments
  • Communicate clearly with executives, legal teams, and technical stakeholders
  • Mentor and support consultants across multiple engagements
  • Contribute to the development of recovery playbooks and frameworks

Required Experience

  • 8+ years in cybersecurity, incident response, or enterprise infrastructure
  • Strong technical background in enterprise systems and identity architecture
  • Experience with Active Directory recovery and identity security
  • Hands-on familiarity with EDR, containment strategies, and remediation workflows
  • Experience leading technical teams during major cyber incident
  • Ability to operate both strategically and hands-on when needed


Preferred Qualifications
  • Experience leading ransomware or large-scale cyber recovery engagements
  • Background in consulting or incident response services
  • Experience rebuilding enterprise Active Directory or hybrid identity environments
  • Familiarity with Entra ID, modern identity platforms, and cloud infrastructure


If you thrive in high-stakes environments and want to help organizations rebuild after major cyber incidents, we'd love to hear from you.
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Information Technology Jobs

Find similar Director, Post Breach Recovery/IR jobs:

NationwideMiami, FL