Cyber Incident Responder

Cyber security


Who we are

S-RM is a global intelligence and cyber security consultancy.  Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges.

We’ve been able to do this because of our outstanding people.  We’re committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success.

But we also know that work isn’t everything. It’s about the lives and careers it helps us build.  We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day.

We’re excited you’re thinking about joining us.

Working in Cyber at S-RM

Our Cyber Security division is the fastest-growing part of S-RM.  The cyber sector is always evolving, and our Advisory, Testing, and Incident Response practices are in more demand than ever. Our Netherlands Cyber office was opened in March 2022 and delivers all of our services to clients in the Benelux region.

We’re building a team to meet this challenge. We’re quick to respond, innovate, and improve.  We don’t get too hung up on hierarchy or bureaucracy.  If your ideas are good enough, we’ll empower you to implement them.  If you’re the best person to talk to a customer, you’ll get that opportunity, regardless of the title in your email signature. And when you need a hand, your team will always have your back.

We also don’t believe there’s a typical cyber security professional.  We’ve built a team of intelligence analysts, technical specialists, software developers, investigators, risk managers, and more.  You’ll always find a range of perspectives and expertise to help you learn and grow.

If that sounds like your kind of team, we’d like to hear from you.

The role

Our Cyber Incident Responders are a critical part of our Cyber Security division’s success.

You will work across the full lifecycle of security incidents to help our clients respond and recover, including:

  • Managing incident response cases from first contact through to closure: you will be the primary point of contact for all internal and external stakeholders, accountable for delivery in-time and on budget.  You will coordinate non-technical workstreams and collaborate with technical leads where necessary.
  • Overseeing host- and network-based incident response investigations: including triage, system recovery, technical evidence collection, and forensics, log, malware and root cause analyses.
  • Developing plans, policies, and training: including incident management plans, table-top exercises, and response policies and procedures.
  • Developing and sharing domain expertise: we will support you in growing your cyber expertise, including sharing it with the wider team through internal initiatives and programs.
  • Contributing to business development: you will cultivate and manage close relationships with legal, insurance and other channel partners.
  • Participating in an on-call rotation to provide 24X7X365 client incident coverage.

Other features of the role include:

  • Variety of casework: no day will be the same. Our team responds to a huge variety of incidents for both public and corporate clients.
  • Range of opportunities: you will have opportunities to broaden your security awareness into testing and advisory projects, in addition to deepening your incident response expertise.
  • Flexible working practices: responding to incidents can be intense, high-pressure work. We are mindful of our team’s work/life balance and offer flexible working options to support your wellbeing.

What we're looking for

Candidates with the following qualifications and experience are likely to succeed as Cyber Incident Responders at S-RM.

That said, if you don’t think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box—we’re looking for candidates that are particularly strong in a few areas and have some interest and capabilities in others.

We nurture a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.

We’re looking for:

  • Experience in managing a range of cyber incidents in high-pressure situations;
  • Excellent project management skills with a proven ability to manage multiple stakeholders;
  • Experience presenting verbal updates or written reports to internal/external stakeholders with non-technical backgrounds is essential;
  • Prior consulting experience;
  • Tertiary education (HBO/WO) or relevant industry experience

A Relevant industry certifications are not required for this role. However, holding any of the following is beneficial: GCFE, GCFA, EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+ and Security+

The successful candidate must have permission to work in the Netherlands by the start of their employment.

Our benefits

We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, including:

  • Maternity and paternity benefits including:
    • Maternity leave: 26 weeks full pay followed by 13 weeks half pay
    • Paternity leave: 6 weeks of full pay
  • 25 holiday days per year, which increases with service to a maximum of
  • 30 days + public holidays
  • 7% matching pension contribution
  • Several options around mobility such as an OV-card or a lease car
  • 4 x annual salary life insurance
  • EAP for your mental wellbeing, including counselling sessions available to you and your family
  • Free access to the world-famous mindfulness app Headspace
  • Flexible working hours

The application process

We want to get to know you, and for you to get to know us, to see if we’d be a good fit.  We are responsive and respectful of people’s time throughout our hiring process.

A typical application process includes:

  1. Initial screening of your application by our recruiting team.
  2. A meeting with some of our team members to get to know each other and see if there’s a match as a team.
  3. A technical interview to assess your baseline skills and give you some insight into the work we do.

To apply, send a CV and cover letter to

View Dutch translation.