✦ Luna Orbit — Cybersecurity

Recovery and Restoration Engineer - Remote (Anywhere in the U.S.)

at GuidePoint Security

📍 Remote, US Remote Posted March 31, 2026
Apply Now → ← Browse All Jobs

Position Details

Type Full-Time
Experience senior
Exp. Years 0
Education Not specified
Category Cybersecurity

About this role

Recovery and Restoration Engineer at GuidePoint Security focuses on rebuilding and securing infrastructure after ransomware or destructive cyber incidents, across on-premises and cloud environments including Active Directory, Azure AD, and Microsoft 365. The role combines technical hands-on work with leadership of junior engineers and coordination with IR teams and clients.

Key Responsibilities

  • Manage IT recovery projects
  • Develop remediation/restoration plans
  • Implement firewall containment
  • Rebuild AD, DNS/DHCP, GPOs
  • Restore and validate VMware/Hyper-V workloads

Technical Overview

Expertise in Windows Server/AD, Azure AD, Microsoft 365, VMware/Hyper-V, scripting (PowerShell, Python), and backup/immutable storage solutions. Applies industry hardening guidelines, identity security controls, and recovery automation; emphasizes post-incident validation and documentation.

Ideal Candidate

The ideal candidate is a senior cybersecurity professional with hands-on experience rebuilding and securing on-premises and cloud environments post-incident. They should demonstrate strong knowledge of Active Directory, Microsoft 365, Azure, and virtualization platforms, with proven ability to mentor junior engineers and lead recovery engagements.

Must-Have Skills

Windows ServerActive DirectoryAzure ADMicrosoft 365VMwarePowerShellPythonExchange OnlineSharePointConditional AccessDefender for Cloud AppsMFAGroup PolicyBackupsVeeamRubrikDattoBackup restoration workflowsImmutable storage

Nice-to-Have Skills

Experience with one or more EDR or security platformsCrowdStrikeSentinelOneDefenderAutomation scriptingAutomation/Orchestration

Tools & Platforms

AzureMicrosoft 365VeeamRubrikDattoVMwareHyper-VPowerShellExchange OnlineSharePointOneDrive

Required Skills

Windows ServerActive DirectoryAzure ADMicrosoft 365VMwareHyper-VPowerShellPythonExchange OnlineSharePointOneDriveTeamsConditional AccessDefender for Cloud AppsMicrosoft Defender for Office 365PurviewGroup PolicyMFABackupsVeeamRubrikDattoBackup restoration workflowsImmutable storage

Hard Skills

Windows ServerActive DirectoryAzure ADMicrosoft 365VMwareHyper-VPowerShellPythonExchange OnlineSharePointOneDriveTeamsConditional AccessDefender for Cloud AppsMicrosoft Defender for Office 365PurviewGroup PolicyMFABackupsVeeamRubrikDattoBackup restoration workflowsImmutable storageAzure

Soft Skills

CommunicationDocumentationLeadershipMentoringProblem-solvingOrganizationTeamworkAttention to detailCalm under pressure

Certifications

Preferred

Azure Administrator AssociateMicrosoft 365 Identity and ServicesMicrosoft 365 Security Administration

Industry & Role

Industry Consulting
Job Function Lead recovery engagements by rebuilding and securing IT environments after cyber incidents
Role Subtype Incident Responder
Tech Domains Active Directory, Microsoft 365, Azure, SharePoint, VMware, Windows Server

Keywords for Your Resume

Recovery and Restoration EngineerIncident ManagementActive DirectoryAzure ADMicrosoft 365VMwareHyper-VPowerShellPythonExchange OnlineSharePointOneDriveTeamsConditional AccessDefender for Cloud AppsMicrosoft Defender for Office 365PurviewGroup PolicyMFABackupsVeeamRubrikDatto

Deal Breakers

Lack of experience with Windows Server/AD or Azure AD, Inability to travel up to 50% or remote work limitations, No experience with backups/restoration workflows

Apply for this Position →

Get matched to jobs like this

Luna finds roles that fit your skills and career goals — no endless scrolling required.

Create a Free Profile