Senior Associate, Cyber Risk Advisory

Cyber Advisory: Lead, Senior Associate

Be among the first 25 applicants. 3 weeks ago.

Overview

S-RM is a global intelligence and cyber security consultancy. Since 2005, we have helped some of the most demanding clients in the world solve tough information security challenges. We invest in people wellbeing and learning.

Role

Cyber Advisory Associates lead our cyber resilience consultancy engagements. Work closely with clients, lead project teams, deliver solutions across cyber risk management and governance. The role has a strong focus on Cyber Incident Response Exercising.

Responsibilities

• Lead the delivery of S-RM\’s Cyber Incident Response Exercise programme across all market segments.
• Design, develop and deliver operational and leadership cyber incident response exercises tailored to client needs.
• Apply hands‑on incident response experience to inform exercise realism, scenarios and learning outcomes.
• Develop S-RM\’s incident response exercise service offerings, including methodologies, tools and collateral.
• Support commercial activities in this area, including writing proposals, pitching to clients and driving growth of S-RM\’s exercising services.
• Advise clients on cyber incident response strategy, policy, and plan development.
• Review and develop incident response playbooks, ensuring they are practical, tested and aligned to organisational needs.
• Contribute to digital resilience services, including business continuity and disaster recovery planning and exercising.
• Operate in the space between cyber advisory and hands‑on incident response, providing clients with pragmatic and experience‑based guidance.
• Lead consultancy engagements across a broad range of information security disciplines, including assessing cyber security controls, framework assessments and security improvement planning, cyber regulations, governance and compliance, and threat intelligence.
• Lead complex projects independently and manage client engagement, communication and project planning activities.
• Manage junior colleagues and oversee career development where appropriate.
• Engage with clients to understand cyber security challenges, innovate solutions, create, propose and pitch engagements and contribute to the expansion of client accounts and winning new business.

Qualifications

• Applied experience in cyber incident response, ideally having worked as a consultant on major cyber incidents.
• Previous experience in information security, cyber roles and/or technical domains.
• Prior consulting experience in a cyber role.
• Ability and willingness to manage complex projects.
• Excellent presentational skills, written work and attention to detail.
• Permission to work in the UK.
• Based in London, or able to travel to London regularly.

Skills and Experience – Preferred

• Demonstrable knowledge of incident response policies, plans and playbooks.
• Knowledge of cyber security frameworks, standards and regulations.
• Information security principles, tools, technologies and techniques.
• Technical cyber knowledge, including cloud security, identity and access management, software development lifecycle, and operational technology.
• Industry accreditation such as SANS Institute, Security+, CISM, CISSP or ISO27001.

Benefits

• 25 days holiday per year in addition to bank holidays (plus 1 day for every year of service up to a maximum of 30 days).
• Hybrid working and flexible working hours.
• Matching pension contribution up to 7% and financial education.
• Fertility treatment leave – 5 days of leave per cycle of treatment per year.
• Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay.
• Paternity leave – 6 weeks of full pay.
• Private dental and medical insurance (taxable benefit) for you and your family.
• Virtual GP for you and your family members that live in the same household.
• Various gym discounts for you and your partner.

Location

London office with flexible working arrangements.