At S-RM respond to cyber-attacks affecting our clients every day, helping them recover from debilitating incidents perpetrated by criminals, hostile states and insiders. We help all kinds of organisations from schools to banks and large manufacturing companies. We constantly strive to help victims of attacks recover quicker and more efficiently.

We’ve been able to do this because of our outstanding people. We’re committed to developing bright, curious, driven individuals who want to think critically, solve complex problems, and achieve success.

But we also know that work isn’t everything. It’s about the lives and careers it helps us build.  We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day.

We’re excited you’re thinking about joining us. 


Our Cyber Security division is the newest and fastest-growing part of S-RM.  The cyber sector is always evolving, and our Advisory, Testing, and Incident Response practices are in more demand than ever.

We’re building a team to meet this challenge.  This means we’re quick to respond, innovate, and improve.  We don’t get too hung up on hierarchy or bureaucracy.  If your ideas are good enough, we’ll empower you to implement them.  If you’re the best person to talk to a customer, you’ll get that opportunity, regardless of the title in your email signature.   And when you need a hand, your team will always have your back.

We also don’t believe there’s a typical cyber security professional.  We’ve built a team of intelligence analysts, technical specialists, software developers, investigators, risk managers, and more.  You’ll always find a range of perspectives and expertise to help you learn and grow.

If that sounds like your kind of team, we’d like to hear from you.


The successful candidate will manage the Cape Town Incident Response & Forensics team. Reporting into the Global Head of Incident Response, this candidate will be responsible for:

  • Hiring team members and designing team structure for the Cape Town Incident Response & Forensics Team
  • Management of Cape Town Cyber team members
  • Ultimate responsibility for cyber client work done by the Cape Town team
  • Remote Technical evidence collection from client environments
  • Ingesting evidence into analysis platforms such as forensic analysis tools or log analysis platforms
  • Investigating cyber incidents to determine whether the confidentiality, integrity or availability of the information has been affected
  • Gathering intelligence on threat actors to inform decision-making in high pressure situations
  • Advising clients on containment actions designed to limit the effects of cyber incidents
  • Deploying technologies such as endpoint detection and response solutions or tactical SIEM
  • Being a confident communicator able to translate technical language into key takeaways for executives
  • Being a member of the S-RM global on-call duty rota

Other features of the role include:

  • Flexible working practices: We are mindful of our team’s work/life balance. The role will be based at our Cape Town office, however, we offer flexible working options to support your wellbeing.


We think candidates with the following qualifications and experience are likely to succeed as an Associate Director at S-RM.

That said, if you don’t think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box—we’re looking for candidates that are particularly strong in a few areas, and have some interest and capabilities in others.

We nurture a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.

We’re looking for:

  • Undergraduate degree or extensive relevant experience within Incident Response.
  • Proven experience in responding to a variety of cyber incidents
  • Presenting verbal updates or written reports to internal/external stakeholders with non-technical backgrounds (it would be a benefit if you have prior consulting experience, though it is not a requirement)
  • Demonstrable knowledge in some of the following areas:
    • Endpoint Forensic Analysis
    • Malware Analysis
    • Network Forensics
    • Cloud Forensics
    • Mobile Device Analysis
    • Evidence Handling and Preservation
    • Industrial Control Systems and Operational Technology
    • Common enterprise security technologies (endpoint protection, SIEM, IDS/IPS, EDR, DLP)
    • Windows system administration and associated concepts
    • Identity management including Active Directory
    • Managing routers, gateways and switches
    • Virtualisation technologies (ESXI, VMWare etc.)
    • Linux administration
    • Email infrastructure (Office 365, on-premise Exchange)
    • Remote access infrastructure relevant experience within Incident Response

Relevant industry certifications are not required for this role. However, holding any of the following is beneficial: GCFE, GCFA, EnCE, CFSR, CISSP, GREM, CCNA, MCFE, Network+ and Security+

The successful candidate must have permission to work in South Africa by the start of their employment.


We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, including:

  • Maternity and paternity benefits including:
    • Maternity leave: 26 weeks of full pay followed by 13 weeks of half pay
    • Paternity leave: 6 weeks of full pay
  • Fertility treatment leave – 5 days of leave per cycle of treatment per year
  • Holiday – 23 days per year increasing to 28 days (+1 day for every year you worked at S-RM, up to a maximum of 5 days) in addition to bank holidays
  • Medical aid with Discovery Health for employee, partner, and children up to the cost of the Classic Saver plan
  • Gap Cover policy – allowing you to bridge the gap between your medical bills and your medical aid cover.
  • Life insurance – 4x annual salary
  • Disability cover- 75% of annual salary
  • Private pension – up to 6% contribution matched by the company
  • Financial education – free 1-2-1 consultations and mortgage clinics with the experts from AAG. Access to quarterly live educational sessions on a variety of topics around personal finance.
  • EAP (Employee Assistance Programme) for employees and immediate family, including counselling sessions
  • Free access to the world-famous mindfulness app Headspace
  • Seasonal flu vaccination
  • Eye tests and glasses reimbursement up to certain cost on an annual basis
  • Extensive training available, including through LinkedIn Learning with access to more than 13,000 different courses
  • Formalised Recognition programme
  • Hybrid working and flexible working hours
  • Cycle to work scheme – up to £4,000 salary sacrifice deducted over 12 months


To apply for this role, please email your CV to recruitment@s-rminform.com.

  1. A preliminary call which will be a chance for you to find out more about S-RM and the role.
  2. One interview discussing the research task and your technical skills.
  3. A research and writing task to do in your own time. This will assess your analytical and writing skills and give you a better sense of the work we do.
  4. One interview discussing your previous experience, broader competencies, and suitability for the role.

S-RM nurtures a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.