Breach Preparedness and Response Consultant

Identity Security Remote, United States


Semperis focuses on creating an employee experience that is aligned with our vision—being a Force for Good— starting with being a good workplace. Semperis is recognized as one of America’s Fastest-Growing Cybersecurity Companies on the Inc. 5000 List, a DUNS 100 top Start Up to work for and Inc. Best Workplace for multiple years.        
What we are looking for:        
We are looking for a Breach Preparedness and Response Consultant to join our team.
What you will be doing:      
As a Breach Preparedness and Response Consultant at Semperis, you will be an essential member of our Breach Planning & Response team, collaborating with the Director of Incident Response and your colleagues to deliver the latest security and identity Breach Preparedness and Response services.         
You will be responsible for delivery of Breach Preparedness services, and more specifically:       
  • Delivery of client facing security assessments and disaster recovery planning and exercise simulations;
  • Assist with the (continuous) development of the Breach Preparedness and Response service offerings;
  • Participate/Support in Incident Response Recovery and Investigations for clients;
  • Investigate current and new technical capabilities that can support and enhance the Breach Preparedness and Response service offerings;
  • External exposure like presenting at conferences, writing blog posts, webinars, etc.;
  • Use Semperis solutions, and other (open source) tools, during ADSA, ADFR-PE and IR scenarios;
  • Maintain knowledge of emerging trends in related technology areas;
  • Project management responsibilities for assigned engagements;
What you will bring to the table:          
  • At least 5 years of knowledge and hands on experience in Active Directory in both small, medium, and large environments;
  • At least 5 years of experience in penetration testing, red teaming and application security testing.
  • Knowledge and experience in security assessing Active Directory, Azure Active Directory technologies, Active Directory Federation Service (ADFS) and Azure AD Connect;
  • Deep understanding of Semperis products, or willingness to get that deep understanding;
  • Awareness of identity, access management and information security product landscapes;
  • Bachelor or Master's degree in Computer Science, Information Systems, or equivalent experience is a plus;
  • Excellent verbal and written communication skills;
  • Excellent presentation skills for customers, webinars and conferences are a plus;
  • Fluent English is necessary;
  • Willingness and ability to travel abroad as needed.
  • Ability to actively participate in Incident Response on-call rotation.
Bonus Points:       
  • Ability to aid the development of training material for all service offerings;
  • Knowledge and experience in working in IR scenarios, with primary focus on Active Directory
  • Knowledge and hands on experience in Azure Active Directory technologies, Active Directory Federation Service (ADFS) and Azure AD Connect in both small, medium, and large environments is a significant advantage;
  • Offsec Background:
    • Penetration Testing: Working with IT and Security, conduct simulated attacks and penetration tests on internal systems, networks, and applications to identify security vulnerabilities and weaknesses.
    • Red Team Exercises: Plan, coordinate, and execute red team exercises to simulate real-world cyberattacks and assess our company's ability to detect and respond to advanced threats.
    • Infrastructure Security Assessment: Evaluate the security of our cloud and on-premises infrastructure, including servers, databases, and network devices, to identify misconfigurations, vulnerabilities, and weaknesses.
    • Product Security Assessment: Assess the security of our software applications.  Leverage OWASP AppSec methods to ensure our products meet and exceed security requirements through secure coding or compensating controls.
    • Reporting and Documentation: Document findings, develop comprehensive reports, and provide actionable recommendations to stakeholders, including executives, developers, and system administrators.
      We apologize, but we are currently unable to support visa sponsorship for this position.  
With teams around the world, you’ll be working alongside top global talent in Cybersecurity and Identity Access Management.  
If you are a purpose-driven person who always sees the glass as half full, seizes opportunities, and has an urge to learn and develop your skills while managing a balanced, healthy life—we’d love to meet you.  
Semperis is proud to be an Equal Opportunity Employer. Semperis is an equal opportunity employer and will not discriminate against an applicant or employee based on race, color, religion, creed, national origin or ancestry, ethnicity, sex (including gender, pregnancy, sexual orientation, and gender identity), age, physical or mental disability, veteran or military status, genetic information, citizenship, marital status, or any other legally recognized protected basis under federal, state, or local law. The information collected by this application is solely to determine suitability for employment, verify identity, and maintain employment statistics on applicants.  
 Applicants with disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and other applicable state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Semperis. Please inform Semperis representative Anna Taylor, Director of Global Recruiting, if you need assistance completing this application or to otherwise participate in the application process.