S-RM is looking to recruit a Senior Associate Incident Response & Forensics consultant to join its Cyber Security practice in London.
Above all, we are looking for proactive, critical thinkers who are strong communicators and like solving interesting problems and working in a team. As well as this, we are looking specifically for someone with practical and technical experience. A good candidate will have 5-10 years’ relevant experience, some of which has been spent in consulting, as well as 3 years’ specific experience managing Windows and Linux estates.
MAIN DUTIES AND RESPONSIBILITIES
In this role, your primary responsibility will be helping our clients respond to and recover from cyber security incidents.
This will include:
- Leading incident response engagements. This involves understanding client requirements, coordinating the incident response team and liaising with clients and other related third parties
- Advising clients on containment actions designed to limit the effects of cyber incidents
- Technical evidence collection from clients’ environments to prepare for forensic investigations
- Conducting forensic investigations to determine the facts about a cyber incident, namely how the incident happened and whether data was exfiltrated
- Gathering intelligence on threat actors to inform decision-making in high pressure situations
- Managing the recovery of clients’ IT infrastructure during and after cyber attacks
- Briefing clients’ management and IT teams during and after cyber attacks
- Participating in an on-call rotation to provide 24x7x365 client incident coverage
- You will also be expected to contribute to S-RM’s wider cyber security offering where appropriate
The role will be based in our London office.
SKILLS, QUALIFICATIONS & EXPERIENCE
We would like to meet candidates with previous exposure to (and a keen interest in) information security who have a broad base of experience configuring and maintaining enterprise networks. When we say ‘experience configuring and maintaining enterprise networks’, we mean someone with a broad base of hands-on experience across the areas outlined below. A strong candidate with experience in a subset of these areas would also be of interest. We are not necessarily looking for an expert in any single area, except for perhaps experience with Active Directory.
The qualifications and experience required to perform this role successfully are:
- Undergraduate degree from a leading university
- Some prior knowledge and understanding of security frameworks and standards
- Presenting verbal or written reports to internal/external stakeholders with non-technical backgrounds (it would be a plus if you have prior consulting experience, though not a requirement)
- We are not really interested in any particular certification, although MCSE, VCP, and/or CCNA certifications would be a plus
- Windows system administration:
  - Managing domain services
  - Creating standard build templates
  - Using SCCM
  - Intermediate PowerShell
- Identity management:
  - Active Directory (including Azure AD)
  - Federated identities
  - Single sign-on
- Managing routers, gateways and switches:
  - Firewall rules
  - Network segmentation
  - Packet filtering and analysis (e.g. Wireshark)
- Virtualisation technologies:
  - ESXi (ideally), VMware etc.
- Linux administration:
  - Hardening and orchestration (Puppet, Chef)
  - Key management
  - Intermediate scripting
The successful candidate must have permission to work in the UK by the start of their employment.