Cyber Security Analyst

S-RM • Full-time • New York, United States, US • 3w ago

SENIOR ANALYST: INCIDENT RESPONSE

WHO WE ARE

S-RM is a global intelligence and cybersecurity consultancy. Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges.

We’ve been able to do this because of our outstanding people. We’re committed to developing bright, curious, driven individuals who want to think critically, solve complex problems, and achieve success.

But we also know that work isn’t everything, it’s about the lives and careers it helps us build. We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day.

We’re excited you’re thinking about joining us.

WORKING IN CYBER AT S-RM

Our Cyber Security practice is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory, Testing, Incident Response and Forensics practices are in more demand than ever.

We’re building a team to meet this challenge. This means we’re quick to respond, innovate, and improve. We don’t get too hung up on hierarchy or bureaucracy. If your ideas are good enough, we’ll empower you to implement them. If you’re the best person to talk to a customer, you’ll get that opportunity, regardless of the title in your email signature. And when you need a hand, your team will always have your back.

We also don’t believe there’s a typical Cyber Security professional. We’ve built a team of intelligence analysts, technical specialists, software developers, investigators, risk managers, and more. You’ll always find a range of perspectives and expertise to help you learn and grow.

If that sounds like your kind of team, we’d like to hear from you.

THE ROLE

Our Incident Response Senior Analysts are a critical part of our project teams and our cybersecurity division’s success.

Our typical project teams comprise Engagement Managers, Associates, and Analysts. As a Senior Analyst, you will be responsible for delivering key elements of our incident response work, with the direction and support of Associates and Engagement Managers.

You will work across the full lifecycle of security incidents to help our clients respond to cyberattacks and recover successfully. Typical activities and projects include:

Collecting technical evidence from client environments.
Ingesting evidence into analysis platforms such as forensic analysis tools or log analysis platforms.
Investigating cyber incidents to determine whether the confidentiality, integrity or availability of the information has been affected.
Gathering intelligence on threat actors.
Advising clients on containment actions to limit the effects of cyber incidents.
Deploying technologies such as endpoint detection and response solutions or tactical SIEM.
Assisting the recovery of clients’ IT infrastructure during and after cyber attacks.
Briefing key executives on your work and the status of their incidents and recovery.

Other features of the role include:

Variety of casework: no day will be the same. Our team responds to a huge variety of incidents for both public and corporate clients.

Range of opportunities: you will have opportunities to broaden your security awareness into ethical hacking and advisory projects, in addition to deepening your incident response expertise.

Support to develop: our team is committed to helping everyone grow and learn the most from their experience at S-RM. As you work across your projects, you will be given all the feedback and support you need to build your cyber career.

Flexible working practices: responding to incidents can be intense, high-pressure work. We are mindful of our team’s work/life balance and offer flexible working options to support your wellbeing.

WHAT WE’RE LOOKING FOR

Candidates with the following skills and experience are likely to succeed as Cyber Incident Response analysts at S-RM.

That said, if you don’t think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box—we’re looking for candidates that are particularly strong in a few areas and have some interest and capabilities in others.

We nurture a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.

We’re looking for someone with some or all of these skills who can adapt to change and work comfortably in a fast-paced environment.

Relevant tertiary education or industry experience
Experience presenting verbal updates or written reports to internal/external stakeholders with non-technical backgrounds (beneficial, not a requirement)
Some prior consulting experience (beneficial, not a requirement)

Some demonstrable knowledge and interest in some of the following areas:

Endpoint Forensic Analysis
Malware Analysis
Network Forensics
Cloud Forensics
Mobile Device Analysis
Evidence Handling and Preservation
Industrial Control Systems and Operational Technology
Common enterprise security technologies (endpoint protection, SIEM, IDS/IPS, EDR, DLP
Windows system administration and associated concepts
Identity management including Active Directory
Managing routers, gateways and switches
Virtualisation technologies (ESXI, VMWare etc.)
Linux administration
Email infrastructure (Office 365, on-premise Exchange)
Remote access infrastructure

Relevant industry certifications are not required for this role. However, holding any of the following is beneficial: GCFE, GCFA, EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+ and Security+

The successful candidate must have permission to work in the US by the start of their employment.

OUR BENEFITS

We offer thoughtful rewards and support to help our people achieve a great balance in their professional and personal lives, including:

20 days holiday per year in addition to 12 public holidays (+1 day for every year of service up to a maximum of 25 days);
Life insurance – 4x annual salary;
Matching pension contribution up to 6% (up to a maximum of 12% combined), and financial education;
Military Leave– to a maximum of 5 years;
Hybrid working and flexible working hours.

Parental Support:

Fertility treatment leave – 5 days of leave per cycle of treatment per year;
Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay;
Paternity leave – 6 weeks of full pay.

Various Health and Medical Benefits including:

100% Company paid private medical, dental and vision insurance for employee, partner and children;
Gym discounts for you and your partner;
EAP programme for you and your immediate family;
Free access to the world-famous mindfulness app Headspace.

THE APPLICATION PROCESS

We want to get to know you, and for you to get to know us, to see if we’d be a good fit. We are responsive and respectful of people’s time throughout our hiring process.

A typical application process includes:

Initial screening of your application by our recruiting team
A technical interview to assess your baseline skills
A scenario-based interview to understand how you would approach some of the challenges you’ll be faced with in the role

Salary information for our US Cyber Security Analysts and Senior Analysts range from: $60,000- $120,000

The easiest way to get your details to us is to send a CV and cover letter to Recruitment@s-rminform.com.