
S-RM · London
CYBER RISK ADVISORY CONSULTANT, LONDON (HYBRID) WHO WE ARE S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we’ve helped some of the m...
S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we’ve helped some of the most demanding clients in the
world solve some of their toughest information security challenges.
We’ve been able to do this because of our outstanding people. We’re committed to developing bright, curious, driven individuals
who want to think critically, solve complex problems, and achieve success.
But we also know that work isn’t everything, it’s about the lives and careers it helps us build. We’re immensely proud of this
culture and we invest in our people’s wellbeing, learning, and ideas every day.
We’re excited you’re thinking about joining us.
Our Cyber Security practice is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory,
Testing, Incident Response and Forensics practices are in more demand than ever.
We’re building a team to meet this challenge. This means we’re quick to respond, innovate, and improve. We don’t get too hung up
on hierarchy or bureaucracy. If your ideas are good enough, we’ll empower you to implement them. If you’re the best person to talk
to a customer, you’ll get that opportunity, regardless of the title in your email signature. And when you need a hand, your team
will always have your back.
We also don’t believe there’s a typical cyber security professional. We’ve built a team of intelligence analysts, technical
specialists, software developers, investigators, risk managers, and more. You’ll always find a range of perspectives and expertise
to help you learn and grow.
If that sounds like your kind of team, we’d like to hear from you.
Cyber Risk and Resilience Associates lead cyber consultancy engagements within a fast-growing and highly regarded practice, with
the opportunity to take on real responsibility early in their careers.
You will work closely with clients to understand their challenges, lead project teams and deliver thoughtful, high-quality
solutions across a broad range of cyber risk management and resilience activities. As part of a leading cyber security
consultancy, you will help clients navigate complex and evolving security risks while building trusted adviser relationships. You
will also work with colleagues across international consulting teams, supporting clients in the UK and globally, with exposure to
a wide variety of sectors, challenges and senior stakeholders.
Our Associates are project managers, people managers and consultants. You will join a collaborative and diverse team drawn from a
wide range of professional backgrounds, within an organisation known for its pace, openness and genuinely cross-team approach.
This role offers the chance to develop quickly through a mix of client delivery, team leadership, commercial exposure and access
to internal and external training, while contributing to the growth of established and emerging service areas.
At the core of the Associate role is hands-on cyber security consulting. You will lead delivery across multiple domain areas,
S-RM Consultants are also accomplished project managers and team leaders. In this role, you will:
Client Engagement, Account Management and Business Development:
Our Associates play an important role in business development. This is a position for someone who wants to help shape client
solutions as well as deliver them, and you will support the Sales team in the following areas:
This role would suit an ambitious security consultant looking for the next step: someone ready to take on meaningful client
responsibility, broaden their experience across multiple cyber domains, and develop in a supportive but high-performing
environment. It offers the chance to build consulting, leadership and commercial experience in parallel, while working alongside
colleagues from a wide range of professional backgrounds.
Skills and Experience
The successful candidate must have permission to work in the UK by the start of their employment.
We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this
The role will be based in our London office. However, we have flexible working arrangements available.
To apply for this role, please submit a CV and cover letter to: Job Application for Cyber Risk Advisory Consultant at S-RM
CYBER RISK ADVISORY CONSULTANT, UTRECHT (HYBRID) WHO WE ARE S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges. We’ve been able to do this because of our outstanding people. We’re committed to developing bright, curious, driven individuals who want to think critically, solve complex problems, and achieve success. But we also know that work isn’t everything, it’s about the lives and careers it helps us build. We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day. We’re excited you’re thinking about joining us. WORKING IN CYBER AT S-RM Our Cyber Security practice is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory, Testing, Incident Response and Forensics practices are in more demand than ever. We’re building a team to meet this challenge. This means we’re quick to respond, innovate, and improve. We don’t get too hung up on hierarchy or bureaucracy. If your ideas are good enough, we’ll empower you to implement them. If you’re the best person to talk to a customer, you’ll get that opportunity, regardless of the title in your email signature. And when you need a hand, your team will always have your back. We also don’t believe there’s a typical cyber security professional. We’ve built a team of intelligence analysts, technical specialists, software developers, investigators, risk managers, and more. You’ll always find a range of perspectives and expertise to help you learn and grow. If that sounds like your kind of team, we’d like to hear from you. THE ROLE Cyber Risk and Resilience Associates lead cyber consultancy engagements within a fast-growing and highly regarded practice, with the opportunity to take on real responsibility early in their careers. You will work closely with clients to understand their challenges, lead project teams and deliver thoughtful, high-quality solutions across a broad range of cyber risk management and resilience activities. As part of a leading cyber security consultancy, you will help clients navigate complex and evolving security risks while building trusted adviser relationships. You will also work with colleagues across international consulting teams, supporting clients in the UK and globally, with exposure to a wide variety of sectors, challenges and senior stakeholders. Our Associates are project managers, people managers and consultants. You will join a collaborative and diverse team drawn from a wide range of professional backgrounds, within an organisation known for its pace, openness and genuinely cross-team approach. This role offers the chance to develop quickly through a mix of client delivery, team leadership, commercial exposure and access to internal and external training, while contributing to the growth of established and emerging service areas. RESPONSIBILITIES Cyber Security Consulting: At the core of the Associate role is hands-on cyber security consulting. You will lead delivery across multiple domain areas, including: * Incident Response Preparedness * Cyber incident response strategy, policy, and plan development. * Simulation exercising at leadership and operational levels. * Digital Resilience * Business impact analysis, business continuity and disaster recovery planning * Cyber regulations, governance and compliance * Threat Intelligence * Technical security * Identity and Access Management * Data security and integrity * Network and Infrastructure Security Project Management: S-RM Consultants are also accomplished project managers and team leaders. In this role, you will: * Lead complex projects independently * Manage client engagement, communication and project planning activities * Lead client workshops and information gathering discussions * Oversee technical and governance focussed implementation plans * Work with internal client project teams, subcontractors and partners * Understand and utilise the full range of S-RM’s people and expertise * Manage junior colleagues and oversee career development Client Engagement, Account Management and Business Development: Our Associates play an important role in business development. This is a position for someone who wants to help shape client solutions as well as deliver them, and you will support the Sales team in the following areas: * Engage with clients to understand their cyber security challenges * Innovate solutions, create, propose and pitch cyber security engagements * Contribute to the expansion of client accounts and winning new business This role would suit an ambitious security consultant looking for the next step: someone ready to take on meaningful client responsibility, broaden their experience across multiple cyber domains, and develop in a supportive but high-performing environment. It offers the chance to build consulting, leadership and commercial experience in parallel, while working alongside colleagues from a wide range of professional backgrounds. Skills and Experience Required: * 2+ years of experience in information security, cyber roles and/or technical domains. * Prior consulting experience in a cyber role. * Ability and willingness to manage complex projects. * Excellent presentational skills, written work and attention to detail. Strongly Preferred: * Demonstrable knowledge of: * Incident response policies, plans and playbooks. * Cyber Security frameworks, standards and regulations * Information security principles, tools, technologies and techniques * Technical cyber knowledge, including: * Cloud Security * Identity and Access Management * Software development lifecycle * Operational Technology * Industry accreditation such as SANS Institute, Security+, CISM, CISSP or ISO27001; The successful candidate must have permission to work in the Netherlands by the start of their employment. OUR BENEFITS We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of: * Maternity leave: 26 weeks full pay followed by 13 weeks half pay * Paternity leave: 6 weeks of full pay * 25 holiday days per year, which increases with service to a maximum of 30 days + public holidays * 7% matching pension contribution * Several options around mobility such as an OV-card or a lease car * 4 x annual salary life insurance * EAP for your mental wellbeing, including counselling sessions available to you and your family * Free access to the world-famous mindfulness app Headspace * Flexible working hours * Extensive training available, including through LinkedIn Learning with access to more than 13,000 different courses The role will be based in our Utrecht office. However, we have flexible working arrangements available. To apply for this role, please submit a CV and cover letter to: Job Application for Cyber Risk Advisory Consultant at S-RM
WHO WE ARE The cyber sector is always evolving, and our Advisory, Testing, Incident Response and Forensics practices are in more demand than ever. We’re building a team to meet this challenge. We’re quick to respond, innovate, and improve. We don’t get too hung up on hierarchy or bureaucracy. If your ideas are good enough, we’ll empower you to implement them. We also don’t believe there’s a typical cybersecurity professional. We’ve built a team of intelligence analysts, technical specialists, software developers, investigators, risk managers, and more. You’ll always find a range of perspectives and expertise to draw on and help you grow. If that sounds like your kind of team, we’d like to hear from you. THE ROLE We are looking for a German speaking consultant to join our Cyber Incident Response team as an Engagement Lead. A successful cyber response only happens when a group of technical experts works seamlessly with a team leader who can get the best out of them. Role responsibilities include: * Project scoping: you will be a first responder to cyber-attacks, running triage calls with clients to understand the scope of the incident and setting out how S-RM can support. * Project management: from that first call to the incident’s conclusion, you will be responsible for ensuring the response is managed effectively and efficiently, delivering for all stakeholders while on schedule and within budget. Typical workstreams include: * Working with clients to ensure that incidents are contained. * Overseeing a team of forensic analysts investigating the incident. * Advising strategies for responding to cyber threat actors. * Providing crisis management expertise to help clients navigate the incident. * Relationship management: you will be responsible for building and developing relationships with the various stakeholders involved in a cyber incident, from the victims themselves to lawyers and insurance professionals. We nurture a culture of equality, diversity and inclusion, and we are dedicated to developing a workforce that displays a variety of talents, experiences, and perspectives. WHAT WE ARE LOOKING FOR We think candidates with the following skills and experience are likely to succeed as Incident Response Engagement Leads at S-RM. You will need great consulting skills and a developed understanding of networks and security technologies. We will prioritise candidates with demonstrable digital forensics and incident response (‘DFIR’) experience, especially those that have worked in an incident handling capacity before. However, we’d encourage candidates with adjacent experience to apply. We believe that, with the right training, anyone that fits the profile below can make an excellent Engagement Lead. We have a proven track record of supporting those from diverse backgrounds to develop into this role. We’re looking for: * Native or professional fluency in German language. * Great communication skills. * A calm and empathetic style when under pressure. * A thoughtful approach to solving problems. * An instinct to seek the expertise of others and bring diverse skillsets together. * Excellent client service and advocacy skills in your daily work. Candidates must have permission to work in South Africa by the start of their employment. OUR BENEFITS We offer thoughtful rewards and support to help our people achieve a great balance in their professional and personal lives, including: We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of: * 23 days holiday per year in addition to bank holidays (+1 day for every year of service up to a maximum of 28 days in total) * Hybrid working and flexible working hours * Medical aid with Discovery Health for employee, partner, and children up to the cost of the Classic Saver plan * Gap Cover policy – allowing you to bridge the gap between your medical bills and your medical aid cover * Life insurance – 4x annual salary * Disability cover - 75% of annual salary * Private pension – up to 7% contribution matched by the company * EAP (Employee Assistance Programme) for employees and immediate family, including counselling sessions * Free access to the world-famous mindfulness app Headspace * Seasonal flu vaccination * Eye tests and glasses reimbursement up to certain cost on an annual basis * Formalised Recognition programme * Hybrid working and flexible working hours * Fertility treatment leave – 5 days of leave per cycle of treatment per year * Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay (after 1 year at the company on the “qualifying week” = 15 weeks before a due date) * Paternity leave – 6 weeks of full pay (after 1 year at the company on the “qualifying week” = 15 weeks before a due date) THE APPLICATION PROCESS We want to get to know you, and for you to get to know us, to see if we’d be a good fit. We are responsive and respectful of people’s time throughout our hiring process. A typical application process includes: * Initial screening of your application by our recruiting team. * An interview to assess your baseline technical skills. * An interview to discuss your previous experience and broader competencies. * An final interview to determine alignment with the role. Please apply via: Job Application for Engagement Lead, Incident Response at S-RM
WHO WE ARE S-RM is a global intelligence and cyber security consultancy. Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges. We’ve been able to do this because of our outstanding people. We’re committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success. But we also know that work isn’t everything. It’s about the lives and careers it helps us build. We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day. We’re excited you’re thinking about joining us. WORKING IN CYBER AT S-RM Our Cyber Security division is the fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory, Ethical Hacking, and Incident Response practices are in more demand than ever. We’re building a team to meet this challenge. We’re quick to respond, innovate, and improve. We don’t get too hung up on hierarchy or bureaucracy. If your ideas are good enough, we’ll empower you to implement them. If you’re the best person to talk to a customer, you’ll get that opportunity, regardless of the title in your email signature. And when you need a hand, your team will always have your back. We also don’t believe there’s a typical cyber security professional. We’ve built a team of intelligence analysts, technical specialists, software developers, investigators, risk managers, and more. You’ll always find a range of perspectives and expertise to help you learn and grow. If that sounds like your kind of team, we’d like to hear from you. THE ROLE Our Incident Response Consultants are a critical part of our Cyber Security consulting practice’s success. As a Technical Lead, you will deploy your incident response expertise in a senior, client‑facing delivery role across our incident response services. You will work across the full lifecycle of security incidents to help our clients respond and recover, spanning both traditional incident response scenarios (such as ransomware, business email compromise and intrusion investigations) and modern incidents affecting cloud platforms, CI/CD pipelines and software delivery environments. WHAT YOU WILL DO You will be responsible for leading and delivering technical investigations for clients, including: * Leading technical incident response engagements from first contact through to closure * Acting as the primary technical resource on response cases, applying your own expertise and providing guidance to colleagues on the project team. * Overseeing host‑, network‑ and cloud‑based investigations, including: * Triage and containment * System recovery and remediation support * Technical evidence collection and forensic analysis * Log, malware and root cause analysis * Investigating a wide range of incident types, including but not limited to: * Ransomware and extortion incidents * Business Email Compromise (BEC) * Unauthorised access and data breaches * Incidents involving cloud environments, CI/CD pipelines, automation and software supply chains * Applying cloud and DevOps‑related expertise where required, for example when incidents involve: * Compromised cloud identities, APIs or control planes * Abuse of CI/CD pipelines, source code repositories or secrets * Infrastructure‑as‑Code and automated deployment workflows * Developing and sharing domain expertise We will support you to deepen your technical knowledge and share it across the wider team through internal initiatives, training and capability development. * Participating in an on‑call rotation Providing 24×7×365 incident response coverage for our clients. OTHER FEATURES OF THE ROLE * Variety of casework No two days are the same. You will respond to a diverse range of incidents across public and private sector clients, industries and technology stacks. * Range of opportunities In addition to incident response, you will have opportunities to contribute to related consulting work such as post‑incident reviews, incident readiness, threat exposure assessments and broader advisory projects. * Flexible working practices Incident response can be intense, high‑pressure work. We are mindful of work/life balance and offer flexible working arrangements to support wellbeing. WHAT WE’RE LOOKING FOR Candidates with the following experience and attributes are likely to succeed as Incident Response Consultants at S‑RM. That said, if you don’t meet every criterion below but are interested in the role, we encourage you to apply. We value individuals who are particularly strong in certain areas and keen to develop in others. We nurture a culture of equality, diversity and inclusion and are committed to building a workforce with varied backgrounds, skills and perspectives. Experience * 5+ years’ experience in a technical cyber security, cloud security, DevSecOps, platform engineering or related role. * Direct experience working in a consulting or in‑house incident response team is beneficial, but not essential. Approach * A strong investigative mindset, with the ability to work through complex problems using limited or incomplete information. * Comfortable operating in high‑pressure, time‑critical client situations. Technical skillset * Strong technical foundations suitable for investigating a range of incident types, including ransomware and intrusion scenarios. * Experience or strong interest in cloud and modern infrastructure, such as: * AWS, Azure or GCP * CI/CD platforms and automation * Identity, logging and audit trails in cloud environments * Comfortable using scripting and automation to support investigations and analysis. Threat awareness * Demonstrable knowledge of cyber threat actors and their tactics, techniques and procedures, including those targeting both traditional enterprise environments and modern cloud‑based systems. Communication * Able to clearly communicate technical findings and risk to non‑technical client audiences in a professional consulting setting. Qualifications Relevant certifications are not required, but the following (or similar) are beneficial: GCFE, GCFA, EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+, Security+ Cloud and platform‑focused certifications (AWS, Azure, GCP, Kubernetes, Terraform) are also advantageous. The successful candidate must have permission to work in the UK by the start of their employment. OUR BENEFITS We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of: * 25 days holiday per year in addition to bank holidays (+1 day for every year of service up to a maximum of 30 days); * Hybrid working and flexible working hours; * Matching pension contribution up to 7% and financial education; * Fertility treatment leave – 5 days of leave per cycle of treatment per year; * Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay; * Paternity leave – 6 weeks of full pay. * Private dental and medical insurance (taxable benefit) for you and your family; * Virtual GP for you and your family members that live in the same household; * Various gym discounts for you and your partner; THE APPLICATION PROCESS We want to get to know you, and for you to get to know us, to see if we’d be a good fit. We are responsive and respectful of people’s time throughout our hiring process. A typical application process includes: * Initial screening of your application by our recruiting team. * An interview to assess your baseline technical skills. * An interview to discuss your previous experience and broader competencies. * An final interview to determine alignment with the role. Please apply via: Job Application for Technical Lead, Incident Response at S-RM