Senior Security Engineer

S-RM is a global intelligence and cyber security consultancy. Since 2005, we've helped some of the most sophisticated clients in the world solve some of their toughest challenges.

We've been able to do this because of our outstanding people. We're committed to developing bright, curious, driven individuals who want to think critically, solve complex problems, and achieve success.

But we also know that work isn't everything, It's about the lives and careers it helps us build. We're immensely proud of this culture and we invest in our people's wellbeing, learning, and ideas every day.

WORKING IN INFOSEC AT S-RM

This is an opportunity to join a company where infosec is embedded into the culture. Our client services include a world-class cyber security team which means we think critically about our own security practices at all levels. We see information security as an asset not a cost centre, and we invest in those who lead it.

This investment means listening to those who know most about our security and supporting their ideas. Our information security function has a growing and very influential voice within S-RM. Infosec staff are encouraged to speak openly about their ideas for improvement, and regular access to senior leadership is guaranteed.

This approach is how we stay ahead of the threats to our business and our clients. S-RM is growing fast. The information security challenges this generates means no day is the same. We believe the variety of work and the team you'll accomplish it with present immense opportunities for career development. Our teams are designed to bring out our best whilst also creating opportunities for everyone to contribute and grow.

If that sounds like your kind of team, we'd like to hear from you.

THE ROLE

As a Security Engineer, you'll play a lead technical role in maintaining and evolving S-RM's information security.

Key Responsibilities:

• Improve and implement development pipeline security features, such as SAST and DAST
• Manage, monitor and improve compliance, vulnerability management, threat intelligence, detection/prevention tools across a multi-cloud environment.
• Provide expert security design and engineering guidance on complex cloud security challenges and risks.
• Defining the annual and quarterly penetration testing of company infrastructure and in-house developed applications, and re-test vulnerabilities where possible.
• Work with engineering / development / product teams to help architect and implement solutions that are secure by design from project inception to completion through the completion of threat modelling assessments.
• Familiarity and experience with implementing security hardening standards (i.e. CIS, Cloud Foundations)
• Security alert triage, investigation and containment of potential security incidents across corporate estate and cloud environments.
• Maintenance of Microsoft Sentinel SIEM/SOAR and Defender XDR deployment.
• Leading investigation and containment activities in the internal incident response team.

Experience & Qualifications required

• At least 3+ years working in Cyber / Information Security.
• AZ104 or AWS Solutions Architect Associate is essential.
• Ability to translate technical issues into business friendly / executive language.
• Experience with Bash and / or PowerShell automation is essential.
• Experience with ethical hacking tools, such as (But not limited to) nmap, Nessus, and Burpsuite.
• Practical experience of the Software Development Life Cycle and Agile frameworks.
• Fostering a positive culture of security with end users, engineers, developers, product managers.
• Excellent communication, teamwork, presentation and stakeholder management skills.

The successful candidate must have permission to work in London by the start of their employment.

Our benefits

We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, this includes but is not exhaustive of:

• 25 days holiday per year in addition to bank holidays (+1 day for every year of service up to a maximum of 30 days);
• Hybrid working and flexible working hours;
• Matching pension contribution up to 7% and financial education;
• Fertility treatment leave - 5 days of leave per cycle of treatment per year;
• Maternity leave - 26 weeks of full pay followed by 13 weeks of half pay;
• Paternity leave - 6 weeks of full pay.
• Private dental and medical insurance (taxable benefit) for you and your family;
• Virtual GP for you and your family members that live in the same household;
• Various gym discounts for you and your partner;

The role will be based in our London office. However, we have flexible working arrangements available.