Senior Backup Engineer – Cyber Vault & Data Protection

At Ensono, our Purpose is to be a relentless ally, disrupting the status quo and unleashing our clients to Do Great Things!  We enable our clients to achieve key business outcomes that reshape how our world runs. As an expert technology adviser and managed service provider with cross-platform certifications, Ensono empowers our clients to keep up with continuous change and embrace innovation.

We can Do Great Things because we have great Associates. The Ensono Core Values unify our diverse talents and are woven into how we do business. These five traits are the key to achieving our purpose: Honesty, Reliability, Curiosity, Collaboration, and Passion.

About the role and what you’ll be doing: 

***Role will be based in Washington DC/Virginia area.

We are seeking a seasoned L3 Cyber Vault Administrator to design, operate, and continuously improve our cyber-resilient backup and recovery platforms. You will be the technical escalation point for Dell PowerProtect DD (Data Domain), Dell Cyber Recovery (Cyber Vault), CyberSense, and Cobalt Iron environments; lead recovery readiness (including cyber recovery playbooks and DR drills); implement automation (Python/Ansible); and drive audit, compliance, and vulnerability remediation across a hybrid data center estate. The role also partners closely with Security, Infrastructure, and Application teams to meet strict RPO/RTO and regulatory obligations.

Key Responsibilities

Platform Ownership (L3)

• Dell PowerProtect DD (Data Domain):
• L3 administration: capacity planning, MTree/retention/replication design, DD Boost integration, encryption/retention lock/immutability controls, upgrades and patching, performance tuning, troubleshooting, and RCA for P1/P2 incidents.
• Dell Cyber Recovery (Cyber Vault):
• L3 ownership of air-gapped vault workflows, isolation policies, replication windows, secure copy/validation, vault hardening, break-glass procedures, recovery orchestration, and periodic cyber recovery drills.
• CyberSense (Index Engines):
• L3 operations: analytics policy tuning, detection thresholds, scan scheduling, indicators of compromise reporting, investigation workflows, and integration with incident response.
• Cobalt Iron (Compass):
  • L3 administration: policy design, retention/SLA mapping, repository optimization, upgrades, and complex restores.

Backup & Restore Excellence

• Architect and maintain end-to-end backup/recovery for mission-critical systems; define RPO/RTO per service tier and ensure continuous adherence.
• Lead complex restores (file, DB, VM, application-aware), integrity verification, and forensics-assisted recovery during cyber incidents.
• Create and maintain runbooks for cyber vault isolation, validation, recovery testing, and compliance evidence collection.

Automation & Scalability

• Build and maintain Python and Ansible automations for provisioning, policy enforcement, health checks, compliance drift detection, and standardized recoveries.

Governance, Audit & Security

• Operate within ServiceNow for change, incident, and problem management; deliver robust RCAs and preventive actions.
• Ensure documentation (HLD/LLD, SOPs, runbooks, asset inventories, data flows) is current and audit-ready.
• Drive security compliance , manage vulnerability remediation, and maintain platform hardening baselines and access controls
• (least privilege, MFA, break-glass governance).
• Collaborate with observability team to integrate vault alerts, CyberSense detections, and backup anomalies into enterprise
• monitoring.

We want all new Associates to succeed in their roles at Ensono. That’s why we’ve outlined the job requirements below. To be considered for this role, it’s important that you meet all Required Qualifications. If you do not meet all of the Preferred Qualifications, we still encourage you to apply. 

Required Qualifications

L3 Proficiency

• Dell PowerProtect DD (Data Domain) – design, operations, replication, performance/RCA, upgrades, immutability/retention lock.
• Dell Cyber Recovery (Cyber Vault) – vault architecture, isolation workflows, cyber recovery playbooks, drill execution, secure copy, and validation.
• CyberSense – policy/analytics tuning, scan orchestration, anomaly detection and reporting, IR integration.
• Cobalt Iron (Compass) – policy & retention design, complex restores, optimization, and L3 troubleshooting.
• IBM TSM / Spectrum Protect – advanced backup/restore, policy domains, storage pools, dedupe, and problem management.

L2 Cross-Skills

• Linux (L2) – package mgmt, services, filesystems, logs, patching.
• VMware ESXi/vSphere (L2) – VM creation, data store manaegement, snapshot and recovery, patching, performance basics.
• Dell PowerMax Storage (L2) – volumes, snapshots, upgrades and mapping to protection policies
• Windows Server (L2) – windows administration and patching.

Automation & Tooling

• Python (production-grade scripts, APIs, packaging, logging, error handling).
• Ansible (playbooks/roles, Tower/AWX, inventory, credentials, RBAC).
• ServiceNow (Change/Incident/Problem/CMDB).
• Strong command line, Git, and secure credential handling.

Process & Compliance

• Change control discipline, configuration baselines, patching cadence, and release management.
• Evidence-ready controls for audits; mapping controls to frameworks (e.g., NIST CSF, CIS).
• Documented BCP/DR procedures and periodic cyber recovery drills with measurable outcomes.
• Vulnerability Management: tracking, prioritization (CVSS/EPSS awareness), remediation SLAs, and exceptions with risk sign- off.

Experience

• 10+ years in enterprise backup/recovery or storage, with 3-5+ years hands-on L3 across Data Domain/Cyber
• Recovery/CyberSense/Cobalt Iron/TSM.
• Proven leadership during major incidents, cyber events, or recovery drills in large data center environments.

Soft Skills

• Strong ownership and L3 escalation mindset; crisp communication under pressure.
• Clear, audit-grade documentation and runbook writing.
• Stakeholder management with Infra, Security, Apps, and Auditors.
• Mentor L1/L2 engineers; deliver knowledge transfer and training sessions.

Tools & Environment (Illustrative)

• Platforms: Dell PowerProtect DD, Dell Cyber Recovery, CyberSense, Cobalt Iron Compass, IBM TSM/Spectrum Protect.
• Infra: Windows Server, Linux, VMware ESXi/vSphere, Dell PowerMax.
• Automation/Dev: Python, Ansible (Tower/AWX), Git.
• ITSM/SecOps: ServiceNow, Splunk, Secrets mgmt (e.g., CyberArk/HashiCorp Vault).

Preferred Qualifications

• Experience with cloud backup targets, object storage, or immutable S3 (lock/legal hold).
• Scripting beyond Python (PowerShell, Bash).
• Exposure to ransomware tabletop exercise.

Why Ensono?

Ensono is a place to make better happen – for our clients and for your career. You can do great things through innovation or collaboration, by learning or volunteering, or to promote diversity and inclusion. You can do great things for your own health or for a healthier planet. Whatever it means to you to do great things we want Ensono to be the place you can do it. 

We are a client-facing business, but we do encourage clients to allow us to work remotely most of the time so if you are not required to be on a client site, you can choose to work from home or in our Ensono offices.

Some of our benefits include:

• Unlimited Paid Days Off
• Three health plan options through Blue Cross Blue Shield
• 401k with company match
• Eligibility for dental, vision, short and long-term disability, life and AD&D coverage, and flexible spending accounts
• Paid Maternity Leave, Paternity Leave, and Sabbatical Leave
• Education Reimbursement, Student Loan Assistance or 529 College Funding
• Enhanced fertility coverage
• Wellness program
• Depending on location, ability to take advantage of fitness centers
• Flexible work schedule

 

As of the date of this posting, a good faith estimate of the current pay scale for this role is $80,000 to $135,000 annually based on a full-time schedule. Please note that placement in the range may vary based on numerous factors including but not limited to skills, experience, internal equity, and business needs. In addition to base salary, other compensation programs, depending on eligibility, include an annual bonus plan based on company and individual performance plan, and an equity grant under our Associate Equity Appreciation Program.

Ensono is an Equal Opportunity/Affirmative Action employer. We are committed to providing equal employment to our Associates and building a diverse and inclusive workforce. All qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or other legally protected basis, in accordance with applicable law.

Pay transparency nondiscrimination statement/posting OFCCP’s pay transparency policy can be found on OFCCP’s website.

If you need accommodation at any point during the application or interview process, please let your recruiter know or email [email protected].