Senior Associate, Cyber Risk Advisory

Cyber Advisory: Exercising Lead, Senior Associate

Who we are

S-RM is a global intelligence and cyber security consultancy. Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges.

We’ve been able to do this because of our outstanding people. We’re committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success.

But we also know that work isn’t everything. It’s about the lives and careers it helps us build. We’re immensely proud of this culture and we invest in our people’s wellbeing and learning every day.

Role

 

Cyber Advisory Associates lead our cyber resilience consultancy engagements.

You will work closely with our clients to understand their challenges, lead project teams and deliver innovative solutions across a full spectrum of cyber risk management and governance activities. Our aim is to become trusted advisors to our clients as we help them to navigate dynamic and evolving security risks.

Our Associates are project managers and people managers, as well as consultants. You will join a thriving Advisory Practice in which you will support the development of junior colleagues, drive improvement in products and services and contribute to Practice strategy.

This role has a strong focus on Cyber Incident Response Exercising. You will take applied incident response expertise and apply it to the design, delivery and development of S-RM’s exercising services, helping our clients build resilience through realistic and impactful simulations.

Responsibilities:

 

Incident Response Simulation Exercise Lead

• Lead the delivery of S-RM’s Cyber Incident Response Exercise programme across all market segments, including private equity portfolio clients, insurance clients, and direct corporate clients.
• Design, develop and deliver operational and leadership cyber incident response exercises tailored to client needs.
• Apply hands-on incident response experience to inform exercise realism, scenarios, and learning outcomes.
• Develop S-RM’s incident response exercise service offerings, including methodologies, tools and collateral.
• Support commercial activities in this area, including writing proposals, pitching to clients, and driving growth of S-RM’s exercising services.

 

Incident Response Advisory and Digital Resilience

• Advise clients on cyber incident response strategy, policy, and plan development.
• Review and develop incident response playbooks, ensuring they are practical, tested and aligned to organisational needs.
• Contribute to digital resilience services, including business continuity and disaster recovery planning and exercising.
• Operate in the space between cyber advisory and hands-on incident response, providing clients with pragmatic and experience-based guidance.

 

General Cyber Security Consultancy

Lead consultancy engagements across a broad range of information security disciplines, including:

• Assessing cyber security controls across people, process and technology
• Framework assessments and security improvement planning
• Cyber regulations, governance and compliance
• Threat Intelligence

Project Management

S-RM Consultants are organised and dynamic project managers and team leaders. You will:

• Lead complex projects independently
• Manage client engagement, communication and project planning activities
• Lead client workshops and information gathering discussions
• Oversee technical and governance focussed implementation plans
• Work with internal client project teams, subcontractors and partners
• Understand and utilise the full range of S-RM’s people and expertise
• Manage junior colleagues and oversee career development where appropriate

 

Client Engagement, Account Management and Business Development

Our consultants are at the heart of our business development activities. You will:

• Engage with clients to understand their cyber security challenges
• Innovate solutions, create, propose and pitch cyber security engagements
• Contribute to the expansion of client accounts and winning new business

Identify market opportunities, with a particular focus on growing S-RM’s cyber incident response exercising services.

 

Skills and Experience

Required:

• Applied experience in cyber incident response, ideally having worked as a consultant on major cyber incidents.
• Previous experience in information security, cyber roles and/or technical domains.
• Prior consulting experience in a cyber role.
• Ability and willingness to manage complex projects.
• Excellent presentational skills, written work and attention to detail.
• Permission to work in the UK.
• Based in London, or able to travel to London regularly.

 

Strongly Preferred:

• Demonstrable knowledge of:
  • Incident response policies, plans and playbooks.
  • Cyber Security frameworks, standards and regulations
  • Information security principles, tools, technologies and techniques
  • Technical cyber knowledge, including:
    • Cloud Security
    • Identity and Access Management
    • Software development lifecycle
    • Operational Technology
  • Industry accreditation such as SANS Institute, Security+, CISM, CISSP or ISO27001;

 

Our benefits

We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:

• 25 days holiday per year in addition to bank holidays (+1 day for every year of service up to a maximum of 30 days);
• Hybrid working and flexible working hours;
• Matching pension contribution up to 7% and financial education;
• Fertility treatment leave – 5 days of leave per cycle of treatment per year;
• Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
• Paternity leave – 6 weeks of full pay.
• Private dental and medical insurance (taxable benefit) for you and your family;
• Virtual GP for you and your family members that live in the same household;
• Various gym discounts for you and your partner;

 

The role will be based in our London office. However, we have flexible working arrangements available.

 

Our benefits

 

• We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:
• 25 days holiday per year in addition to bank holidays (+1 day for every year of service up to a maximum of 30 days);
• Hybrid working and flexible working hours;
• Matching pension contribution up to 7% and financial education;
• Fertility treatment leave – 5 days of leave per cycle of treatment per year;
• Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
• Paternity leave – 6 weeks of full pay.
• Private dental and medical insurance (taxable benefit) for you and your family;
• Virtual GP for you and your family members that live in the same household;
• Various gym discounts for you and your partner;

 

The role will be based in our London office. However, we have flexible working arrangements available.