Cyber Security Associate


Cyber security


Who we are

S-RM is a global intelligence and cyber security consultancy.  Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges.

We’ve been able to do this because of our outstanding people.  We’re committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success.

But we also know that work isn’t everything. It’s about the lives and careers it helps us build.  We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day.

We’re excited you’re thinking about joining us.

Working in Cyber at S-RM

Our Cyber Security division is the fastest-growing part of S-RM.  The cyber sector is always evolving, and our Advisory, Testing, and Incident Response and Forensics practices are in more demand than ever.

We’re building a team to meet this challenge. We’re quick to respond, innovate, and improve.  We don’t get too hung up on hierarchy or bureaucracy. If your ideas are good enough, we’ll empower you to implement them.

We also don’t believe there’s a typical cyber security professional. We’ve built a team of intelligence analysts, technical specialists, software developers, investigators, risk managers, and more. You’ll always find a range of perspectives and expertise to help you learn and grow.

If that sounds like your kind of team, we’d like to hear from you.

The role

Cyber Advisory Associates lead our consultancy engagements and are a vital part of our team’s work.

You will work directly with our clients to understand their challenges and lead projects teams to develop solutions.  You will own the impact of your engagements and become a valued partner of world-class companies as you improve their information security across a range of cyber risk management and governance projects.

Our Associates are project managers and people managers, as well as consultants. You will develop junior colleagues, drive improvements in products and services, and contribute to practice strategy.

Typical activities and projects include:

  • Client engagement and account management: work with clients to understand their priorities and translate them into compelling proposals to win new business and expand existing accounts.
  • Consultancy delivery: use your expertise to lead engagements, including framework assessments, strategic advisory, training exercises, and threat intelligence assessments.
  • Project management: oversee technical implementational plans, organising sub-contractors and collaboration with internal teams to deliver timely, successful results. This may include acting in a vCISO capacity where required.
  • Internal initiatives and strategy: support and lead internal initiatives on product development, process management, and tech enablement to better support clients.
  • People management: line Manage junior colleagues (with senior support if necessary), including quality control of deliverables, mentoring, and professional development.
  • Development and domain knowledge: endeavour to develop your own cyber expertise and share it with the wider team through internal initiatives and programs.

What we're looking for

Candidates with the following skills and experience are likely to succeed within Cyber Advisory at S-RM.

That said, if you don’t think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box—we’re looking for candidates that are particularly strong in a few areas and have some interest and capabilities in others.

We nurture a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.

We’re looking for someone with some or all of these skills who can adapt to change and work comfortably in a fast-paced environment:

  • Previous experience in an information security role;
  • Prior consulting experience;
    Excellent writing skills and attention to detail;
  • Experience and confidence in presenting verbal updates to both technical and non-technical stakeholders;
  • Demonstrable knowledge of:
    • Various security frameworks, standards, and control libraries such as CIS and NIST;
    • Information security principles, tools, technologies and techniques;
    • Security risk management methodologies;
  • Applicable skills and qualifications are beneficial, including:
    • Academic cyber security or IT qualifications;
    • Industry accreditation such as SANS Institute, Security+, CISM, CISSP or ISO27001;
  • Technical capabilities in some or all of the following areas is beneficial but not essential:
  • Cloud computing;
    • Offensive security practices and techniques;
    • System administration experience.

All candidates must have permission to work in the UK by the start of their employment.

Our benefits

We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:

  • 25 days holiday per year in addition to bank holidays (+1 day for every year of service up to a maximum of 30 days in total);
  • Hybrid working and flexible working hours;
  • Matching pension contribution up to 7% (up to a maximum of 14% combined), and financial education;
  • Life Insurance 4X Annual salary.
  • Parental Support:
    • Fertility treatment leave – 5 days of leave per cycle of treatment per year;
    • Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
    • Paternity leave – 6 weeks of full pay.
  • Various Health and Medical Benefits including:
    • Private dental and medical insurance (taxable benefit) for you and your family;
    • Virtual GP for you and your family members that live in the same household;
    • Various gym discounts for you and your partner;
    • EAP programme for you and your immediate family;
    • Free access to the world-famous mindfulness app
The role will be based in our London office. However, we have flexible working arrangements available.

The application process

We want to get to know you, and for you to get to know us, to see if we’d be a good fit.  We are responsive and respectful of people’s time throughout our hiring process.

A typical application process includes:

  1. Initial screening of your application by our recruiting team.
  2. An interview to assess your baseline technical skills.
  3. An interview to discuss your previous experience, broader competencies, and suitability for the role.

To apply, send a CV and cover letter to