Incident Response Analyst

Our Incident Response Senior Analysts are a critical part of our Cyber Security division’s success.

You will work across the full lifecycle of security incidents to help our clients respond and recover, including:

• Help manage incident response cases from first contact through to closure: you will be the primary point of contact for all internal and external stakeholders, accountable for delivery in‑time and on budget. You will coordinate non‑technical workstreams and collaborate with technical leads where necessary.
• Overseeing host‑and network‑based incident response investigations: including triage, system recovery, technical evidence collection, and forensics, log, malware and root‑cause analyses.
• Developing plans, policies, and training: including incident management plans, table‑top exercises, and response policies and procedures.
• Developing and sharing domain expertise: we will support you in growing your cyber expertise, including sharing it with the wider team through internal initiatives and programs.
• Contributing to business development: you will cultivate and manage close relationships with legal, insurance and other channel partners.
• Participating in an on‑call rotation to provide 24X7X365 client incident coverage.

Other features of the role include:

• Variety of casework: no day will be the same. Our team responds to a huge variety of incidents for both public and corporate clients.
• Range of opportunities: you will have opportunities to broaden your security awareness into testing and advisory projects, in addition to deepening your incident response expertise.
• Flexible working practices: responding to incidents can be intense, high‑pressure work. We are mindful of our team’s work/life balance and offer flexible working options to support your wellbeing.

Candidates with the following qualifications and experience are likely to succeed as Incident Response Associates at S‑RM.

That said, if you don’t think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box—we’re looking for candidates that are particularly strong in a few areas and have some interest and capabilities in others.

We nurture a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.

• Experience in helping manage a range of cyber incidents in high‑pressure situations;
• Excellent project management skills with a proven ability to manage multiple stakeholders;
• Experience presenting verbal updates or written reports to internal/external stakeholders with non‑technical backgrounds is essential;
• Tertiary education (HBO/WO) or relevant industry experience

Relevant industry certifications are not required for this role. However, holding any of the following is beneficial: GCFE, GCFA, EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+ and Security+