CYPFER

Compensation

Full Description

About Us CYPFER is a true first-responder Cybersecurity organization enabling clients to return to business rapidly, the right way, following a cyber-attack. We are a global market leader in ransomware post-breach remediation and cyber-attack first response. We deliver results that far surpass market statistics for cyber-extortion and ransomware events. Our team of cybersecurity professionals works with prominent global insurance carriers, leading law firms, and Fortune 1000 businesses. Director, Post Breach Recovery/IR We are looking for an experienced Director, Cybersecurity - Post Breach Recovery/IR to lead complex post-breach remediation and ransomware recovery engagements. This role requires a technical leader who can guide teams through containment and recovery while also serving as a deep technical resource when complex problems arise. Our consultants regularly rebuild compromised enterprise environments, and this Director will play a key role in both leading engagements and supporting the technical direction of the team. The ideal candidate brings strong hands-on infrastructure and security experience combined with the ability to lead teams during high-pressure cyber incidents. Key Responsibilities • Lead technical recovery efforts during major cyber incidents • Direct teams rebuilding compromised infrastructure and identity platforms • Serve as a senior technical resource for complex recovery challenges • Guide containment, eradication, and recovery operations • Help design and execute secure rebuild strategies for enterprise environments • Communicate clearly with executives, legal teams, and technical stakeholders • Mentor and support consultants across multiple engagements • Contribute to the development of recovery playbooks and frameworks Required Experience • 8+ years in cybersecurity, incident response, or enterprise infrastructure • Strong technical background in enterprise systems and identity architecture • Experience with Active Directory recovery and identity security • Hands-on familiarity with EDR, containment strategies, and remediation workflows • Experience leading technical teams during major cyber incident • Ability to operate both strategically and hands-on when needed Preferred Qualifications • Experience leading ransomware or large-scale cyber recovery engagements • Background in consulting or incident response services • Experience rebuilding enterprise Active Directory or hybrid identity environments • Familiarity with Entra ID, modern identity platforms, and cloud infrastructure If you thrive in high-stakes environments and want to help organizations rebuild after major cyber incidents, we’d love to hear from you. CYPFER is an equal opportunity employer. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know. We celebrate our inclusive work environment and welcome members of all backgrounds and perspectives to apply. We thank you for your interest in joining the CYPFER team! While we welcome all applicants, only those who are selected for an interview will be contacted.