S-RM is seeking to recruit a Cyber Incident Response Engagement Lead. We are looking for candidates who are critical thinkers, strong communicators and enjoy proactively solving problems. S-RM’s Incident Response team works with organisations around the world helping them recover from cyber incidents caused by a range of threat actors, including criminal groups and nation states.

You will lead project teams consisting of incident responders analysing forensic evidence such as logs, malware and network data and helping our clients securely recover from cyber-attacks. The Engagement Lead plays a critical role, coordinating both internal and externals stakeholders and ensuring that the response remains on task and on budget.



S-RM is a global intelligence and cyber security consultancy.  Since 2005, we’ve helped some of the most sophisticated clients in the world solve some of their most complex challenges.

We’ve been able to do this because of our outstanding people.  We’re committed to developing bright, curious, driven individuals who want to think critically, solve complex problems, and achieve success.

But we also know that work isn’t everything,  It’s about the lives and careers it helps us build.  We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day.

We’re excited you’re thinking about joining us.



  • Deliver incident response consulting to S-RM’s clients across a broad range of industries
    • Management of incident response cases from first contact through to case closure.
    • Primary point of contact for all internal and external stakeholders.
    • Accountable for the delivery of incident response cases in time and on budget.
    • Coordination of non-technical workstreams.
    • Collaboration with technical lead to ensure all project workstreams are coordinated.
  • Oversee host- and network-based cyber breach incident response investigations that include:
    • Triage
    • System recovery
    • Technical evidence collection
    • Forensics, log, malware and root cause analyses
    • Identify attacker tools, tactics and procedures
    • Develop incident management plans, deliver training, and conduct table-top exercises
    • Document and maintain internal incident response policies and procedures and support the build and evolution of tools and frameworks
    • Create client-ready documents and presentations
    • Perform knowledge transfer across the S-RM Cyber Security Team globally
  • Lead on cyber security pre-breach engagements, which include:
    • Information security controls assessments
    • Risk assessments
    • Vulnerability assessments
    • Regulatory and compliance assessments
    • Develop and deliver security awareness training
    • Contribute to marketing and business development efforts
  • Contribute to business development by managing relationships with key IR partners.
    • Cultivate close relationships with relevant legal, insurance and other channel partners.
    • Seek and implement feedback to ensure S-RM continues to satisfy client requirements.
  • Participate in an on-call rotation to provide 24X7X365 client incident coverage.

The role will be based in one of our US offices, however we have flexible working arrangements available.



We think candidates with the following skills and experience are likely to succeed as a Due Diligence Analyst at S-RM.

That said, if you don’t think you meet all of the criteria below but are still interested in the job, please apply. Nobody checks every box—we’re looking for candidates that are particularly strong in a few areas, and have some interest and capabilities in others.

We’re looking for someone that is able to adapt to change and work comfortably in a fast-paced environment, this person will have some or all of these skills:

  • Extensive professional experience in a relevant industry.
  • Moderate commercial consulting experience
  • Experience in a specialised information security domain (e.g. networking, forensics, software engineering)
  • A foundational grounding in networks and network administration
  • Strong communication skills – comfortable speaking to people at all levels from the board of director to technical teams.
  • Strong writing skills – able to produce high quality reports explaining complex technical issues in plain English
  • Proven ability and willingness to learn new subject matter quickly

Desired qualifications and experience include:

  • Investigative experience in a non-technical area such as corporate intelligence, journalism or law enforcement.
  • Experience working as a system or network administrator
  • Knowledge of at least one scripting language (like Python, Ruby, PHP or PowerShell)

The individual will need to have the following key personal skills and attributes to perform successfully in this role:

  • Ability to own tasks, projects, and subject matters
  • Ability to work in a face-paced, unstructured environment
  • Comfortable speaking in front of executives
  • Excellent problem solving skills
  • Ability to learn new topics quickly
  • Excellent planning and organizational skills
  • Excellent attention to detail
  • A proven ability to work unsupervised
  • Ability to work under pressure and meet deadlines
  • Ability to manage multiple projects simultaneously and remain flexible
  • A proactive approach and a willingness to work outside the job specification when required
  • Excellent interpersonal skills

The successful candidate must have permission to work in the United States by the start of their employment.



We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, including:

  • 20 days holiday per year in addition to 10 public holidays (+1 day for every day of service up to a maximum of 25 days) One of the public holidays is a floating holiday;
  • Life insurance – 4x annual salary;
  • 401k – up to 6% contribution matched by the company and financial education;
  • Military Leave– to a maximum of 5 years, for the first 4 months of Military leave, S-RM will top up any military pay to 100% of basic pay;
  • Flexible Spending Account – you will be able to contribute up to $2,850 per year tax free to pay towards the eligible expenses
  • Commuter Benefit – you can make a pre-tax deduction toward parking and transit commuting costs
  • Parental Support:
    • Fertility treatment leave – 5 days of leave per cycle of treatment per year;
    • Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
    • Paternity leave – 6 weeks of full pay.
  • Various Health and Medical Benefits including:
    • 100% Company paid private medical, dental and vision insurance for employee, partner and children;
    • Access to Virtual GP and seasonal flu vaccination;
    • Gym discounts for you and your partner;
    • EAP programme for you and your immediate family;
    • Free access to the world-famous mindfulness app Headspace.


To apply for this role, please send an up-to-date CV to recruitment@s-rminform.com.

The application process will include:

  1. A preliminary call, which will be a chance for you to find out more about S-RM and the role.
  2. First Interview – this will be run remotely
  3. Second interview – this will be run remotely
  4. There is a chance there may be a 3rd interview

We nurture a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.