At a Glance
- Tasks: Help clients reduce risks to their online assets and enhance cyber resilience.
- Company: Dynamic cybersecurity firm focused on innovative threat management solutions.
- Benefits: 25 days holiday, hybrid working, private health insurance, and generous parental leave.
- Other info: Flexible working arrangements and opportunities for professional growth.
- Why this job: Join a team at the forefront of cybersecurity and make a real impact.
- Qualifications: Experience in pentesting or cybersecurity analysis; client-facing skills are a plus.
The predicted salary is between 40000 - 50000 £ per year.
Main Duties and Responsibilities
Attack Surface Management (ASM) Analysts deliver our managed Polus Attack Surface Management service to our clients on a continuous basis to help them reduce risks to their internet‑facing assets. This involves validating vulnerabilities, performing manual discovery of their attack surface and helping our clients interpret prioritised findings. Our aim is to become trusted advisors to our clients. You will help our clients to build cyber resilience, enhance their understanding of the threat landscape and become better prepared to face dynamic and evolving security risks. This will involve being on the front foot of new and emerging threats, and ensuring our clients receive quick feedback as to whether they may be affected and actions they can take.
- Technical testing; vulnerability scanning, attack surface discovery, manual exploit validation, light‑touch pentesting and Open‑Source Intelligence (OSINT) gathering
- Client Engagement; translating client challenges into solutions that fit S‑RM’s ASM service offerings and value proposition, understanding and supporting the proposal process and ensuring delivery timelines are understood inline with project resourcing requirements
- Reporting; delivering findings in a range of formats, including via the Polus ASM platform, via written report and also through Quarterly Service Reviews
You will also be required to keep abreast of threat intelligence developments, and work closely with S‑RM’s Threat Intelligence and Incident Response teams to integrate key data points into our service. Support to other teams will be required where ASM is used as a value‑add to assessment‑based engagements in our Risk & Resilience practice, and also where ASM is used to support incident investigation with our Incident Response practice. You will be required to work closely with the other managed service teams (Managed Detection and Response and Cyber Threat Intelligence) to ensure that managed service delivery is unified across all three offerings. Through this you will also be given the opportunity to support and shape the development of the service by working with the ASM practice lead, managed service teams and technical development teams to identify opportunities for innovation and improvement.
Who are we looking for?
We are looking for individuals keen to keep their finger on the pulse when it comes to the latest threats and vulnerabilities, with good client‑facing skills needed to provide long‑term support to the organisations we work with. We’re not looking for prior Attack Surface Management experience (although bonus points if you do), but we’re looking for individuals who may fall into the following profiles with regard to experience:
- Pentesters with a minimum of 1 year experience (including carrying out external pentests) looking to specialise in threat‑led approaches
- Cyber Security Analysts with experience running vulnerability scans and triaging issues, looking to move into managed service delivery with an offensive security focus
- Threat Intelligence Analysts with good knowledge of offensive security concepts and familiarity with running security tooling, keen to develop their technical skills
Candidates must have permission to work in the UK by the start of their employment.
Benefits
We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, including but not exhaustive of:
- 25 days holiday per year in addition to bank holidays (+1 day for every year of service up to a maximum of 30 days)
- Hybrid working and flexible working hours
- Matching pension contribution up to 7% and financial education
- Fertility treatment leave – 5 days of leave per cycle of treatment per year
- Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay
- Paternity leave – 6 weeks of full pay
- Private dental and medical insurance (taxable benefit) for you and your family
- Virtual GP for you and your family members that live in the same household
- Various gym discounts for you and your partner
The role will be based in our London office. However, we have flexible working arrangements available.
Attack Surface Management Analyst employer: S-RM
At S-RM, we pride ourselves on being an exceptional employer, offering a dynamic work culture that fosters innovation and collaboration. Our London office provides a vibrant environment where Attack Surface Management Analysts can thrive, supported by comprehensive benefits such as generous holiday allowances, flexible working arrangements, and robust professional development opportunities. We are committed to empowering our employees to become trusted advisors in the cybersecurity landscape, ensuring they stay at the forefront of emerging threats while enjoying a balanced work-life experience.
StudySmarter Expert Advice🤫
We think this is how you could land Attack Surface Management Analyst
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the cyber security field. Attend meetups, webinars, or even just chat with people on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your work, whether it's vulnerability assessments, pentesting reports, or any relevant projects. This gives potential employers a taste of what you can do and sets you apart from the crowd.
✨Tip Number 3
Be proactive! Don’t just wait for job postings to pop up. Reach out to companies you admire, like us at StudySmarter, and express your interest. A well-crafted email can go a long way in getting noticed.
✨Tip Number 4
Stay updated on the latest threats and trends in cyber security. Follow industry news, join forums, and participate in discussions. This not only helps you in interviews but also shows employers that you're genuinely passionate about the field.
We think you need these skills to ace Attack Surface Management Analyst
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Attack Surface Management Analyst role. Highlight any relevant experience, especially in pentesting or vulnerability scanning, and don’t forget to showcase your client-facing skills!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re passionate about cyber security and how your background makes you a great fit for our team. Be sure to mention your eagerness to stay updated on the latest threats.
Showcase Your Technical Skills:In your application, be sure to highlight any technical skills you have that relate to the role. Whether it's experience with OSINT gathering or familiarity with security tooling, we want to see what you bring to the table!
Apply Through Our Website:We encourage you to apply through our website for the best chance of getting noticed. It’s super easy, and you’ll be one step closer to joining our awesome team at StudySmarter!
How to prepare for a job interview at S-RM
✨Know Your Stuff
Make sure you brush up on the latest trends in attack surface management and cyber threats. Familiarise yourself with vulnerability scanning tools and techniques, as well as any recent incidents that have made headlines. This will show your passion for the field and your commitment to staying informed.
✨Client Engagement Skills
Since this role involves a lot of client interaction, practice how you would explain complex security concepts in simple terms. Think about how you can translate technical jargon into relatable language. Role-playing with a friend or colleague can help you refine your approach.
✨Show Your Problem-Solving Skills
Prepare to discuss specific examples where you've tackled challenges in previous roles. Whether it’s a pentest you conducted or a vulnerability you triaged, be ready to explain your thought process and the impact of your actions. This will demonstrate your analytical skills and ability to think on your feet.
✨Ask Insightful Questions
At the end of the interview, don’t shy away from asking questions. Inquire about the team dynamics, the tools they use, or how they stay ahead of emerging threats. This not only shows your interest in the role but also helps you gauge if the company is the right fit for you.
