Exercising Lead, Senior Associate - Cyber Risk Advisory Cyber security London

We have a new and exciting role available within our Cyber Security division in London for a Exercising Lead, Senior Associate, Cyber Risk Advisory. S-RM is a global intelligence and cyber security consultancy. Since 2005, we have helped some of the most demanding clients in the world solve some of their toughest information security challenges. We have been able to do this because of our outstanding people. We are committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success. But we also know that work isn’t everything. It’s about the lives and careers it helps us build. We are immensely proud of this culture and we invest in our people’s wellbeing and learning every day.

The role involves leading our cyber resilience consultancy engagements. You will work closely with our clients to understand their challenges, lead project teams and deliver innovative solutions across a full spectrum of cyber risk management and governance activities. Our aim is to become trusted advisors to our clients as we help them navigate dynamic and evolving security risks. Our Associates are project managers and people managers, as well as consultants. You will join a thriving Advisory Practice in which you will support the development of junior colleagues, drive improvement in products and services and contribute to Practice strategy.

This role has a strong focus on Cyber Incident Response Exercising. You will take applied incident response expertise and apply it to the design, delivery and development of S-RM's exercising services, helping our clients build resilience through realistic and impactful simulations.

Responsibilities:

• Lead the delivery of S-RM's Cyber Incident Response Exercise programme across all market segments, including private equity portfolio clients, insurance clients, and direct corporate clients.
• Design, develop and deliver operational and leadership cyber incident response exercises tailored to client needs.
• Apply hands-on incident response experience to inform exercise realism, scenarios, and learning outcomes.
• Develop S-RM's incident response exercise service offerings, including methodologies, tools and collateral.
• Support commercial activities in this area, including writing proposals, pitching to clients, and driving growth of S-RM's exercising services.

Incident Response Advisory and Digital Resilience:

• Advise clients on cyber incident response strategy, policy, and plan development.
• Review and develop incident response playbooks, ensuring they are practical, tested and aligned to organisational needs.
• Contribute to digital resilience services, including business continuity and disaster recovery planning and exercising.
• Operate in the space between cyber advisory and hands-on incident response, providing clients with pragmatic and experience-based guidance.

General Cyber Security Consultancy:

• Lead consultancy engagements across a broad range of information security disciplines, including assessing cyber security controls across people, process and technology.
• Framework assessments and security improvement planning.
• Cyber regulations, governance and compliance.

Project Management:

• Lead complex projects independently.
• Manage client engagement, communication and project planning activities.
• Lead client workshops and information gathering discussions.
• Oversee technical and governance focused implementation plans.
• Work with internal client project teams, subcontractors and partners.
• Understand and utilise the full range of S-RM's people and expertise.
• Manage junior colleagues and oversee career development where appropriate.

Client Engagement, Account Management and Business Development:

• Engage with clients to understand their cyber security challenges.
• Innovate solutions, create, propose and pitch cyber security engagements.
• Contribute to the expansion of client accounts and winning new business.
• Identify market opportunities, with a particular focus on growing S-RM's cyber incident response exercising services.

Skills and experience Required:

• Applied experience in cyber incident response, ideally having worked as a consultant on major cyber incidents.
• Previous experience in information security, cyber roles and/or technical domains.
• Prior consulting experience in a cyber role.
• Ability and willingness to manage complex projects.
• Excellent presentational skills, written work and attention to detail.
• Permission to work in the UK.
• Based in London, or able to travel to London regularly.

Strongly Preferred:

• Demonstrable knowledge of incident response policies, plans and playbooks.
• Cyber Security frameworks, standards and regulations.
• Information security principles, tools, technologies and techniques.
• Technical cyber knowledge, including Identity and Access Management.
• Operational Technology Industry accreditation such as SANS Institute, Security+, CISM, CISSP or ISO27001.

We think candidates with the following skills and experience are likely to succeed as Incident Response Engagement Leads at S-RM. You will need great consulting skills and a developed understanding of networks and security technologies. We will prioritise candidates with demonstrable digital forensics and incident response (DFIR) experience, especially those that have worked in an incident handling capacity before. However, we encourage candidates with adjacent experience to apply. We believe that, with the right training, anyone that fits the profile below can make an excellent Engagement Lead. We have a proven track record of supporting those from diverse backgrounds to develop into this role.

A calm and empathetic style when under pressure. A thoughtful approach to solving problems. An instinct to seek the expertise of others and bring diverse skillsets together. Excellent client service and advocacy skills in your daily work. Candidates must have permission to work in London by the start of their employment.

We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:

• 25 days holiday per year in addition to bank holidays (+1 day for every year of service up to a maximum of 30 days);
• Hybrid working and flexible working hours;
• Matching pension contribution up to 7% and financial education;
• Fertility treatment leave – 5 days of leave per cycle of treatment per year;
• Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
• Paternity leave – 6 weeks of full pay;
• Private dental and medical insurance (taxable benefit) for you and your family;
• Virtual GP for you and your family that live in the same household;
• Various gym discounts for you and your partner.

The role will be based in our London office. However, we have flexible working arrangements available.