Senior Analyst, (Delivery Lead), Incident Response London Cyber security London

Senior Analyst, (Delivery Lead), Incident Response London

We have a new and exciting role available within our Cyber Security division in London for a Senior Analyst in the Incident Response Team.

S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we've helped some of the most demanding clients in the world solve some of their toughest information security challenges.

We've been able to do this because of our outstanding people. We're committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success.

But we also know that work isn't everything, it's about the lives and careers it helps us build. We're immensely proud of this culture and we invest in our people's wellbeing, learning, and ideas every day.

We're excited you're thinking about joining us.

Working in Cyber at S-RM

Our Cybersecurity division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory , Testing , Incident Response and Forensics practices are in more demand than ever.

We're building a team to meet this challenge. We're quick to respond, innovate, and improve. We don't get too hung up on hierarchy or bureaucracy. If your ideas are good enough, we'll empower you to implement them.

We also don't believe there's a typical cybersecurity professional. We've built a team of intelligence analysts, technical specialists, software developers, investigators, risk managers, and more. You'll always find a range of perspectives and expertise to draw on and help you grow.

If that sounds like your kind of team, we'd like to hear from you.

Our Incident Response Delivery Leads are a critical part of our Cyber Security division's success.

As a Delivery Lead on our team, you will deploy your incident response expertise across our incident response services, with a focus on helping clients impacted by cyber incidents in the DACH region.

You will work across the full lifecycle of security incidents to help our clients respond and recover, including:

• Providing technical incident response from first contact through to closure: you will form part of the primary technical resource team on response cases, deploying your own expertise and offering guidance to colleagues on your project team.
• Delivering host- and network-based incident response investigations: including triage, system recovery, technical evidence collection, forensics, log, malware and root cause analyses.
• Developing and sharing domain expertise: we will support you in growing your cyber expertise, including sharing it with the wider team through internal initiatives and programs.
• Participating in an on-call rotation to provide 24x7x365 client incident coverage.

Other features of the role include:

• Variety of casework: no day will be the same. Our team responds to a huge variety of incidents for both public and corporate clients.
• Range of opportunities: you will have opportunities to broaden your security awareness into testing and advisory projects, in addition to deepening your incident response expertise.
• Flexible working practices: responding to incidents can be intense, high-pressure work. We are mindful of our team's work/life balance and offer flexible working options to support your wellbeing.
• Native or professional fluency in German language.
• Direct experience working in an Incident Response team is strongly preferred, however, candidates with exposure to working with Incident Response teams, or those in roles reflecting aspects of Incident Response will be considered.
• A critical and investigative mindset. You should be comfortable solving problems with limited information and guidance, developing proportionate strategies to achieve timely outcomes.
• Clear demonstrable knowledge of cyber threat actors, and their tactics, techniques, and procedures.
• Demonstrable understanding of the basic workstreams within an incident response engagement. Providing evidence of engagement with forensics, containment and restoration/recovery is a benefit.
• You are comfortable using scripting to solve cyber security problems and ideally be able to demonstrate an interest in doing so, e.g. through your own research projects or prior experience.
• It is strongly recommended that candidates hold one of the following certifications (or equivalent) GCFE, GCFA, GCIH, GNFA. However, holding any of the following is beneficial: EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+ and Security+

The successful candidate must have permission to work in the UK by the start of their employment.

We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:

• 25 days holiday per year in addition to bank holidays (+1 day for every year of service up to a maximum of 30 days);
• Hybrid working and flexible working hours;
• Matching pension contribution up to 7% and financial education;
• Fertility treatment leave - 5 days of leave per cycle of treatment per year;
• Maternity leave - 26 weeks of full pay followed by 13 weeks of half pay;
• Paternity leave - 6 weeks of full pay.
• Private dental and medical insurance (taxable benefit) for you and your family;
• Virtual GP for you and your family members that live in the same household;
• Various gym discounts for you and your partner;

The role will be based in our London office. However, we have flexible working arrangements available.

The application process

We want to get to know you, and for you to get to know us, to see if we'd be a good fit. We are responsive and respectful of people's time throughout our hiring process.

A typical application process includes:

• Initial screening of your application by our recruiting team.
• An interview to assess your baseline technical skills.
• An interview to discuss your previous experience, broader competencies, and suitability for the role.

Get industry news and expert insights straight to your inbox.