At a Glance
- Tasks: Help clients reduce risks to their internet-facing assets and enhance cyber resilience.
- Company: Join a leading cybersecurity firm focused on innovative threat management solutions.
- Benefits: Enjoy 25 days holiday, hybrid working, and comprehensive health benefits.
- Other info: Flexible working arrangements and excellent career growth opportunities await you.
- Why this job: Be at the forefront of cybersecurity, tackling emerging threats and making a real impact.
- Qualifications: Experience in pentesting, vulnerability scanning, or threat intelligence is a plus.
The predicted salary is between 50000 - 65000 € per year.
Attack Surface Management (ASM) Consultants deliver our managed Polus Attack Surface Management service to our clients on a continuous basis to help them reduce risks to their internet-facing assets. This involves validating vulnerabilities, performing manual discovery of their attack surface and helping our clients interpret prioritised findings. Our aim is to become trusted advisors to our clients.
You will help our clients to build cyber resilience, enhance their understanding of the threat landscape and become better prepared to face dynamic and evolving security risks. This will involve being on the front foot of new and emerging threats, and ensuring our clients receive quick feedback as to whether they may be affected and actions they can take.
Main Duties and Responsibilities
- Working closely with the ASM practice lead and Customer Success Managers to ensure that a high value service is delivered to clients.
- Technical testing; vulnerability scanning, attack surface discovery, manual exploit validation, light-touch pentesting and Open-Source Intelligence (OSINT) gathering.
- Client Engagement; translating client challenges into solutions that fit S-RM’s ASM service offerings and value proposition, understanding and supporting the proposal process and ensuring delivery timelines are understood inline with project resourcing requirements.
- Reporting; Delivering findings in a range of formats, including via the Polus ASM platform, via written report and also through Quarterly Service Reviews.
- Keeping abreast of threat intelligence developments, and working closely with S-RM’s Threat Intelligence and Incident Response teams to integrate key data points into our service.
- Support to other teams where ASM is used as a value-add to assessment-based engagements in our Risk & Resilience practice, and also where ASM is used to support incident investigation with our Incident Response practice.
- Working closely with the other managed service teams (Managed Detection and Response and Cyber Threat Intelligence) to ensure that managed service delivery is unified across all three offerings.
- Supporting and shaping the development of the service, by working with the ASM practice lead, managed service teams and technical development teams to identify opportunities for innovation and improvement.
Who are we looking for?
We are looking for individuals keen to keep their finger on the pulse when it comes to the latest threats and vulnerabilities, with good client-facing skills needed to provide long term support to the organisations we work with. We’re not looking for prior Attack Surface Management experience (although bonus points if you do), but we’re looking for individuals who may fall into the following profiles with regards to experience:
- Pentesters with a minimum of 1 year experience (including carrying out external pentests) looking to specialise in threat led approaches.
- Cyber Security Analysts with experience running vulnerability scans and triaging issues, looking to move into managed service delivery with an offensive security focus.
- Threat Intelligence Analysts with good knowledge of offensive security concepts and familiarity with running security tooling, keen to develop their technical skills.
Candidates must have permission to work in the UK by the start of their employment.
OUR BENEFITS
We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:
- 25 days holiday per year in addition to bank holidays (+1 day for every year of service up to a maximum of 30 days);
- Hybrid working and flexible working hours;
- Matching pension contribution up to 7% and financial education;
- Fertility treatment leave – 5 days of leave per cycle of treatment per year;
- Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
- Paternity leave – 6 weeks of full pay;
- Private dental and medical insurance (taxable benefit) for you and your family;
- Virtual GP for you and your family members that live in the same household;
- Various gym discounts for you and your partner.
The role will be based in our London office. However, we have flexible working arrangements available.
THE APPLICATION PROCESS
We want to get to know you, and for you to get to know us, to see if we’d be a good fit. We are responsive and respectful of people’s time throughout our hiring process. A typical application process includes:
- Initial screening of your application by our recruiting team.
- Interview to assess your baseline technical skills.
- An interview to discuss your previous experience, broader competencies, and suitability for the role.
To apply for this role, please send a cover letter and CV to: Job Application for Attack Surface Management Analyst at S-RM.
Attack Surface Management Consultant in London employer: S-RM
At S-RM, we pride ourselves on being an excellent employer by fostering a collaborative and innovative work culture that empowers our employees to thrive. Our London office offers flexible working arrangements, generous benefits including up to 30 days of holiday, and comprehensive support for personal and professional growth, making it an ideal environment for those passionate about cybersecurity and client engagement. Join us to become a trusted advisor in the ever-evolving landscape of cyber resilience, while enjoying a balanced work-life experience.
StudySmarter Expert Advice🤫
We think this is how you could land Attack Surface Management Consultant in London
✨Tip Number 1
Network like a pro! Attend industry events, webinars, and meetups to connect with professionals in the cyber security field. The more people you know, the better your chances of landing that ASM Consultant role.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your technical testing, vulnerability scanning, and any relevant projects. This will help potential employers see what you can bring to the table.
✨Tip Number 3
Prepare for interviews by brushing up on your knowledge of the latest threats and vulnerabilities. Be ready to discuss how you can help clients build cyber resilience and interpret findings effectively.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets the attention it deserves. Plus, we love seeing candidates who are genuinely interested in joining our team.
We think you need these skills to ace Attack Surface Management Consultant in London
Some tips for your application 🫡
Craft a Tailored Cover Letter:When writing your cover letter, make sure to highlight your relevant experience and how it aligns with the role of an Attack Surface Management Consultant. We want to see your passion for cyber security and how you can help our clients build resilience against threats.
Showcase Your Technical Skills:In your CV, don’t just list your skills—show us how you've applied them in real-world scenarios. Whether it's vulnerability scanning or pentesting, we want to know how you've tackled challenges and what tools you've used to deliver results.
Be Client-Focused:Remember, this role is all about client engagement. Use your application to demonstrate your understanding of client needs and how you can translate technical findings into actionable insights. We love candidates who can think from the client's perspective!
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it gives you a chance to explore more about us and what we do!
How to prepare for a job interview at S-RM
✨Know Your Stuff
Make sure you brush up on the latest trends in cyber security, especially around attack surface management. Familiarise yourself with common vulnerabilities and how to validate them. Being able to discuss recent threats or case studies will show your passion and knowledge.
✨Client Engagement Skills
Since this role involves a lot of client interaction, practice how you would translate technical jargon into layman's terms. Think about how you can demonstrate your ability to understand client challenges and propose tailored solutions during the interview.
✨Showcase Your Experience
Even if you don’t have direct ASM experience, highlight relevant skills from your background. Whether it’s pentesting, vulnerability scanning, or threat intelligence, be ready to discuss specific examples of how you've tackled similar challenges in the past.
✨Prepare for Technical Questions
Expect some technical questions that assess your baseline skills. Review common tools and methodologies used in vulnerability scanning and manual testing. Practising mock interviews with a friend can help you articulate your thought process clearly.
