Vector3, Inc., is an incident response firm supporting TMHCC Cyber and Professional Lines Group (CPLG). Vector3 specializes in responding to Business Email Compromise (BEC) and Ransomware incidents, helping insured organizations investigate, contain, and recover from cyber events.
As we expand our ransomware response capabilities, we are building a Restoration Services Program to help insureds securely and efficiently restore systems following ransomware events. This position — our first hire in this function — will play a foundational role in shaping, documenting, and leading our restoration engineering practice.
Role Overview
As the Senior Restoration Engineer, you will lead the development of restoration services from the ground up. You’ll design recovery playbooks, define technical processes, and build the engineering framework to restore infrastructure and business operations following ransomware attacks.
This is a hands-on builder role for an experienced engineer who thrives in fast-moving, entrepreneurial environments. You will balance technical depth with leadership, working directly with clients while mentoring and training future restoration engineers as the team grows.
Key Responsibilities
Program Development
· Design, document, and implement restoration procedures, tools, and playbooks for ransomware recovery.
· Establish repeatable workflows for system rebuilds, data restoration, and environment validation.
· Partner with leadership to develop technical standards, KPIs, and service delivery frameworks.
Incident Restoration and Support
· Lead client restoration efforts, including recovery of virtualized and physical systems, reimaging, data restoration, and validation of system integrity.
· Lead recovery and reconstitution of Active Directory, domain controllers, and identity infrastructure, including secure rebuilds, replication validation, and GPO restoration.
· Support restoration of Windows MDM environments (Intune, JAMF, Workspace ONE) and endpoint management configurations as part of full environment recovery.
· Collaborate with forensic analysts, SOC engineers, and claims professionals to align recovery operations with investigation findings and business priorities.
· Provide technical guidance on containment, eradication, and secure rebuilds following ransomware incidents.
Leadership and Mentorship
· Serve as a “player-coach” — leading technical delivery while mentoring junior engineers.
· Foster a culture of continuous learning, innovation, and empathy under pressure.
· Help shape hiring profiles, onboarding, and training materials as the team scales.
Collaboration and Communication
· Communicate complex restoration strategies and findings to both technical and non-technical audiences, including clients and insurers.
· Build trusted relationships with insureds and CPLG claim teams.
· Coordinate closely with the consulting teams to ensure restoration efforts align with forensic evidence preservation and compliance requirements.
Competencies
Planning
- Contribute to the development of both short-term and long-term plans for the designated area of the organization.
- Coordinate resources to ensure strategies are executed.
Communication
- Communicate team plans or results, internally and externally, at all organizational levels.
- Write, or serve as a major contributor to, management/technical reports or contractual documents.
- Present informational briefings.
Cost Management
- Develop innovative ways to improve financials.
Business Controls and Policies
- Comply with all corporate policies and procedures.
People Management
- Hold full HR responsibility for direct reports, including making hiring decisions, training, coordinating work, establishing standards, reviewing work, conducting performance appraisals, and providing coaching or counseling.
Education
4-Year / Bachelor's Degree
Cyber security, Computer Science, Information Technology related degree, or relevant work experience
Certifications, Licenses, and Designations
- Windows Server Hybrid Administrator. Azure Administrator Associate.
- Microsoft Certified
- VMware Certified Professional (VCP-DCV)
- Veeam Certified Engineer (VMCE) or equivalent backup/disaster recovery certifications
- ITIL v3 or v4 Foundation
- AWS SysOps Administrator, Google Cloud DevOps Engineer, or Azure Security Engineer
- CompTIA Server+, Network+, or Linux+
- Certifications in business continuity or resilience (CBCP, ISO 22301) are a plus.
Security certifications (CISSP, GCIH, GCFE, etc.) are beneficial but not required