×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

Recovery and Restoration Engineer - Remote; U.S

Remote / Online - Candidates ideally in
Tampa, Hillsborough County, Florida, 33646, USA
Listing for: GuidePoint Security
Remote/Work from Home position
Listed on 2026-03-10
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
  • Engineering
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Position: Recovery and Restoration Engineer - Remote (Anywhere in the U.S.)

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation's top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

Role Summary

The Recovery and Restoration Engineer is a critical member of the Incident Management & Recovery team, responsible for rebuilding and securing infrastructure environments following ransomware or other destructive cyber incidents. This role combines strong on-premises infrastructure expertise (Active Directory, VMware/Hyper‑V, storage, backups, etc.) with solid Microsoft 365 and Azure tenant recovery experience. You will manage hands‑on rebuild efforts across identity, compute, storage, and cloud layers, working directly with clients, the Guidepoint Security Incident Response team, and internal engineers to restore business operations quickly, securely, and safely.

This position reports to senior engineers and serves as a technical lead for junior team members on recovery engagements.

Core Responsibilities
  • Manage IT recovery projects involving on-premises endpoint and network infrastructure, Azure AD, and Microsoft 365
  • Develop technical remediation and restoration plans tailored to the impact of a client's environment with oversight from senior engineers
  • Implement network containment on common firewall platforms in preparation for recovery efforts
  • Rebuild Active Directory domains, DNS/DHCP, and GPO structures to a clean baseline
  • Restore and validate virtualized workloads (VMware, Hyper‑V) and critical file/application servers
  • Recover and secure Azure AD identities, Conditional Access, and synchronization with on-prem AD
  • Rebuild Exchange Online, SharePoint, One Drive, and Teams configurations
  • Validate and restore data from backups (Veeam, Rubrik, Datto, etc.) ensuring integrity and cleanliness
  • Utilize common remote management tools to assist impacted clients remotely
  • Apply industry standard Microsoft hardening guidelines throughout recovery processes
  • Implement common compliance controls, such as MFA, Defender for Office 365, and Purview
  • Develop automation scripts (Power Shell/Python) for recurring recovery workflows
  • Document rebuilt configurations and provide client recommendations for hardening and post‑incident validation
  • Mentor and provide technical guidance to junior engineers during recovery engagements
  • Participate in after‑hours response rotations
  • Travel to client sites as required to perform critical recovery activities and on‑site validation (up to 50%)
Technical Expertise
  • Strong knowledge of Windows Server, Active Directory, Azure AD, and Microsoft 365 administration
  • Solid experience with VMware or Hyper‑V virtualization platforms
  • Proficiency in Power Shell scripting (experience with Azure

    AD, Exchange Online, Graph API modules preferred)
  • Working knowledge of backup restoration workflows and immutable storage systems
  • Strong understanding of identity security, Conditional Access, Defender for Cloud Apps, and Exchange Online Protection
  • Experience with common firewall platforms and network segmentation concepts
Recovery & Security Mindset
  • Proven experience in recovery or rebuild scenarios post‑incident (ransomware or other destructive attacks)
  • Ability to identify common persistence mechanisms and rebuild clean environments under tight timelines
  • Working knowledge of NIST CSF, CIS benchmarks, and insurance‑driven recovery requirements
  • Understanding of threat actor tactics and methods to ensure complete remediation
Collaboration & Leadership
  • Strong communication and documentation skills across technical and non‑technical stakeholders
  • Proven ability to work alongside IR firms, legal counsel, and insurers during live recovery engagements
  • Capable of guiding junior engineers and contributing to structured rebuild methodologies
  • Ability to manage multiple priorities and coordinate with various teams during high‑pressure situations
Professional Attributes
  • Calm and decisive…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search