Director of Incident Response

Remote $69k–$115k senior 1 month ago full-time quality 8.2/10

Role in brief

Fenix24, part of Conversant Group, is seeking a Director of Incident Response to lead engineering teams in restoring IT operations for companies hit by ransomware attacks. This senior remote role requires a leader with deep IT infrastructure engineering experience and strong communication skills to manage complex, high-stakes recovery efforts and drive team development.

IT infrastructure engineeringendpoint security controlsperimeter firewallsMicrosoft ExchangeOffice 365Windows Server

About the role

This role involves leading engineering teams to restore IT operations for organizations that have experienced ransomware attacks. The Director will manage the entire incident response lifecycle, from initial engagement scoping with clients and forensic partners to overseeing the execution of recovery playbooks. Success in this position means minimizing business interruption and cost for victims of cyberattacks, ensuring a fast and professional restoration process.

The Director will be responsible for hands-on executive leadership, guiding teams of engineers and project managers through critical recovery missions. This includes distributing workloads, ensuring team utilization across multiple engagements, and serving as an escalation point for clients. The role also requires developing and refining runbooks for both cloud and on-premises restorations, ensuring the team is equipped with the most effective strategies.

A key aspect of this position is building and evolving the team structure to maximize scalability, knowledge sharing, and delivery excellence. The Director will support operational teams to achieve high customer satisfaction, foster team member engagement, and contribute to the company's profitability. This leadership role also involves participating in sales efforts by engaging with clients to pursue new opportunities.

The annual salary for this position is between $69,000 and $115,000 USD.

Skills that matter here

  • IT infrastructure engineering: This role requires a minimum of 10 years in this area, providing the foundation for leading complex recovery missions.
  • endpoint security controls: Experience with these controls is necessary for understanding and addressing vulnerabilities in post-ransomware recovery.
  • perimeter firewalls: Knowledge of firewalls is essential for securing and restoring network boundaries after a cyberattack.
  • Microsoft Exchange: Familiarity with this platform is crucial for restoring email and communication systems for affected clients.
  • Office 365: Expertise in Office 365 is required for recovering cloud-based productivity suites and data.
  • Windows Server: Proficiency with Windows Server operating systems is fundamental for restoring on-premises infrastructure.

Who this role suits

  • A leader with a proven track record of at least 10 years in IT infrastructure engineering and leadership.
  • Someone who thrives in high-stakes environments and can provide hands-on executive guidance to engineering teams.
  • An individual with strong analytical and problem-solving skills, capable of organizing and executing complex missions.
  • A professional who excels at building relationships, communicating effectively, and developing less experienced staff.

From the employer

Key Responsibilities

  • Help lead engagement scoping, engaging with victims of ransomware and forensic partners in the ecosystem, as well as internal subject matter experts to understand inbound opportunities and help engage the appropriate engineering team members to address the requirements.
  • Manage workload distribution and team member utilization across multiple incident response engagements.
  • Provide hands-on executive leadership to teams of engineers (we call them cells, led by cell majors) who are executing the mission to minimize the enormous impact of a ransomware attack.
  • Drive the development, training and updating of runbooks across a wide range of infrastructure and applications for delivery of both cloud restorations and on-premises.
  • Build, manage, and continually evolve team structure to maximize scale, knowledge, opportunity, delivery excellence to customers, and profitability to Fenix24.
  • Support operational teams to ensure we are driving high levels of customer satisfaction and value, team member engagement, retention, growth, and profitability.
  • Function as a client and counsel escalation point to address any roadblocks, communication, or other issues as they arise.
  • Participate and partner with sales by engaging with clients in pursuit of opportunities.

Qualifications

  • At least 10 years in IT infrastructure engineering and leadership.
  • Recent experience in leading engineering teams in complex, high stakes engagements.
  • Managed Services experience and/or incident response restoration both pluses (not required).
  • Deep technical acumen and ability to organize/execute complex missions.
  • 7+ Years of relevant IT infrastructure engineering experience including endpoint security controls, perimeter firewalls, Microsoft Exchange and Office 365, and Windows Server operating systems.
  • Ability to respond to inquiries and work beyond normal business hours, provide management to engineering teams of up to 24 in team size.
  • Excellent analytical, organization, and problem-solving skills.
  • Demonstrated ability to plan, organize, train, evaluate and direct work of less experienced staff.
  • Demonstrated strong written and oral communication skills, including strong relationship building skills.
  • Ability to form relationships across all levels of the company while modeling Fenix24's culture and values.
  • Bachelors or Associate degree in Information Technology.

Questions about this role

What is the remote work policy for this role?

This is a fully remote position.

What level of seniority is expected for this position?

This is a senior-level role, requiring significant experience in IT infrastructure engineering and leadership.

What is the salary range for this position?

The salary for this role ranges from $69,000 to $115,000 USD annually.

Similar jobs

Before you apply

  • Legitimate employers never ask you to pay anything to apply or get hired.
  • Never share seed phrases or private keys. No real job needs them.
  • Do not install software ("test tasks", "trading tools", "video call clients") sent during hiring.
  • Check that the application page's domain really belongs to Conversant Group.