S-RM is looking to recruit experienced Cyber Incident Responders who are critical thinkers, strong communicators and enjoy proactively solving problems. S-RM’s Incident Response team works with organisations around the world helping them recover from cyber incidents caused by a range of threat actors, including criminal groups and nation states. You will be part of a team of technical incident responders analysing forensic evidence such as logs, malware and network data, and will help our clients securely recover from cyber-attacks. S-RM combine investigative mindsets with deep technical expertise to deliver clear advice and actionable results to our clients. We are looking for candidates with a variety of experience from analyst through to technical lead. You will participate in an on-call rota.

MAIN DUTIES AND RESPONSIBILITIES

In this role, your primary responsibility will be helping our clients respond to and recover from cyber security incidents. This will involve:

  • Technical evidence collection from client environments
  • Ingesting evidence into analysis platforms such as forensic analysis tools or log analysis platforms
  • Investigating cyber incidents to determine whether the confidentiality, integrity or availability of the information has been affected
  • Gathering intelligence on threat actors to inform decision-making in high pressure situations
  • Advising clients on containment actions designed to limit the effects of cyber incidents
  • Deploying technologies such as endpoint detection and response solutions or tactical SIEM
  • Assisting the recovery of clients’ IT infrastructure during and after cyber attacks
  • Being a confident communicator able to translate technical language into key takeaways for executives

The role will be based in our London office; however, flexible working arrangements are available.

SKILLS, QUALIFICATIONS & EXPERIENCE

The qualifications and experience desired for this role include:

  • Undergraduate degree or relevant industry experience
  • Proven experience in responding to a variety of cyber incidents
  • Presenting verbal updates or written reports to internal/external stakeholders with non-technical backgrounds (it would be a benefit if you have prior consulting experience, though it is not a requirement)
  • Demonstrable knowledge in some of the following areas:
    • Endpoint Forensic Analysis
    • Malware Analysis
    • Network Forensics
    • Cloud Forensics
    • Mobile Device Analysis
    • Evidence Handling and Preservation
    • Industrial Control Systems and Operational Technology
    • Common enterprise security technologies (endpoint protection, SIEM, IDS/IPS, EDR, DLP)
    • Windows system administration and associated concepts
    • Identity management including Active Directory
    • Managing routers, gateways and switches
    • Virtualisation technologies (ESXi, VMware etc.)
    • Linux administration
    • Email infrastructure (Office 365, on-premise Exchange)
    • Remote access infrastructure

Relevant industry certifications are not required for this role. However, holding any of the following may be beneficial: GCFE, GCFA, EnCE, CFSR, CISSP, GREM, CCNA, MCFE, Network+ and Security+.

The successful candidate must have permission to work in the UK by the start of their employment.

BENEFITS

  • Market leading maternity and paternity benefits including:
    • Maternity leave: 26 weeks full pay followed by 13 weeks half pay
    • Paternity leave: 6 weeks of full pay
  • 25 holiday days per year + bank holidays, which increases with service to a maximum of 30 days
  • 5% matching pension contribution
  • 4 x annual salary life insurance
  • Support of your mental wellbeing, including counselling sessions available to you and your family
  • Flexible working hours
  • Availability of a variety of training courses including online learning
  • Very comprehensive private medical insurance as well as eye tests and glasses reimbursement, and seasonal flu vaccination
  • 50% discount with a nationwide gym chain
  • Season ticket loan for your train commute
  • Cycle to work scheme
  • A formalised recognition programme

S-RM nurtures a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.

CONTACT

To apply for this role, please email your CV and cover letter to recruitment@s-rminform.com