S-RM is looking to recruit experienced Cyber Incident Responders who are critical thinkers, strong communicators and enjoy proactively solving problems. S-RM’s Incident Response team works with organisations around the world helping them recover from cyber incidents caused by a range of threat actors, including criminal groups and nation states. You will be part of a team of technical incident responders analysing forensic evidence such as logs, malware and network data, and will help our clients securely recover from cyber-attacks. S-RM combine investigative mindsets with deep technical expertise to deliver clear advice and actionable results to our clients. We are looking for candidates with a variety of experience from analyst through to technical lead. You will participate in an on-call rota.


In this role, your primary responsibility will be helping our clients respond to and recover from cyber security incidents. This will involve:

  • Technical evidence collection from client environments
  • Ingesting evidence into analysis platforms such as forensic analysis tools or log analysis platforms
  • Investigating cyber incidents to determine whether the confidentiality, integrity or availability of the information has been affected
  • Gathering intelligence on threat actors to inform decision-making in high pressure situations
  • Advising clients on containment actions designed to limit the effects of cyber incidents
  • Deploying technologies such as endpoint detection and response solutions or tactical SIEM
  • Assisting the recovery of clients’ IT infrastructure during and after cyber attacks
  • Being a confident communicator able to translate technical language into key takeaways for executives

The role will be based in our London office; however, flexible working arrangements are available.


The qualifications and experience desired for this role include:

  • Undergraduate degree or relevant industry experience
  • Proven experience in responding to a variety of cyber incidents
  • Presenting verbal updates or written reports to internal/external stakeholders with non-technical backgrounds (it would be a benefit if you have prior consulting experience, though it is not a requirement)
  • Demonstrable knowledge in some of the following areas:
    • Endpoint Forensic Analysis
    • Malware Analysis
    • Network Forensics
    • Cloud Forensics
    • Mobile Device Analysis
    • Evidence Handling and Preservation
    • Industrial Control Systems and Operational Technology
    • Common enterprise security technologies (endpoint protection, SIEM, IDS/IPS, EDR, DLP)
    • Windows system administration and associated concepts
    • Identity management including Active Directory
    • Managing routers, gateways and switches
    • Virtualisation technologies (ESXi, VMware etc.)
    • Linux administration
    • Email infrastructure (Office 365, on-premise Exchange)
    • Remote access infrastructure

Relevant industry certifications are not required for this role. However, holding any of the following may be beneficial: GCFE, GCFA, EnCE, CFSR, CISSP, GREM, CCNA, MCFE, Network+ and Security+.

The successful candidate must have permission to work in the UK by the start of their employment.


  • Market leading maternity and paternity benefits including:
    • Maternity leave: 26 weeks full pay followed by 13 weeks half pay
    • Paternity leave: 6 weeks of full pay
  • 25 holiday days per year + bank holidays, which increases with service to a maximum of 30 days
  • 5% matching pension contribution
  • 4 x annual salary life insurance
  • Support of your mental wellbeing, including counselling sessions available to you and your family
  • Flexible working hours
  • Availability of a variety of training courses including online learning
  • Very comprehensive private medical insurance as well as eye tests and glasses reimbursement, and seasonal flu vaccination
  • 50% discount with a nationwide gym chain
  • Season ticket loan for your train commute
  • Cycle to work scheme
  • A formalised recognition programme

S-RM nurtures a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.


To apply for this role, please email your CV and cover letter to recruitment@s-rminform.com