Overview

Join to apply for the Senior Security Engineer role at S-RM.

S-RM is a global intelligence and cyber security consultancy. Since 2005, we\'ve helped some of the most sophisticated clients in the world solve some of their toughest challenges. We are committed to developing bright, curious, driven individuals who want to think critically, solve complex problems, and achieve success. We believe work is about the lives and careers it helps us build, and we invest in our people\'s wellbeing, learning, and ideas every day.

WORKING IN INFOSEC AT S-RM

This is an opportunity to join a company where information security is embedded into the culture. Our client services include a world-class cyber security team, which means we think critically about our own security practices at all levels. We see information security as an asset, not a cost centre, and we invest in those who lead it. Infosec staff are encouraged to speak openly about ideas for improvement, and regular access to senior leadership is guaranteed. The information security function has a growing and influential voice within S-RM, and no day is the same as we stay ahead of threats to our business and clients. The work offers opportunities for career development and growth across teams.

If that sounds like your kind of team, we\'d like to hear from you.

The Role

As a Security Engineer, you\'ll play a lead technical role in maintaining and evolving S-RM\'s information security.

Responsibilities

• Improve and implement development pipeline security features, such as SAST and DAST
• Manage, monitor and improve compliance, vulnerability management, threat intelligence, detection/prevention tools across a multi-cloud environment
• Provide expert security design and engineering guidance on complex cloud security challenges and risks
• Define annual and quarterly penetration testing of company infrastructure and in-house developed applications, and re-test vulnerabilities where possible
• Work with engineering/development/product teams to architect and implement secure-by-design solutions from project inception to completion, including threat modelling assessments
• Familiarity with implementing security hardening standards (e.g., CIS, Cloud Foundations)
• Security alert triage, investigation and containment of potential security incidents across corporate estate and cloud environments
• Maintenance of Microsoft Sentinel SIEM/SOAR and Defender XDR deployment
• Leading investigation and containment activities in the internal incident response team

Experience & Qualifications

• At least 3+ years working in Cyber / Information Security
• AZ-104 or AWS Certified Solutions Architect Associate is essential
• Ability to translate technical issues into business-friendly/executive language
• Experience with Bash and/or PowerShell automation is essential
• Experience with ethical hacking tools such as nmap, Nessus, and Burp Suite
• Practical experience of the Software Development Life Cycle and Agile frameworks
• Fostering a positive culture of security with end users, engineers, product managers
• Excellent communication, teamwork, presentation and stakeholder management skills

The successful candidate must have permission to work in London by the start of their employment.

Our Benefits

• 25 days holiday per year, plus bank holidays (and +1 day per year of service up to 30 days)
• Hybrid and flexible working hours
• Matching pension contribution up to 7%
• Fertility treatment leave – 5 days per cycle per year
• Maternity leave – 26 weeks of full pay followed by 13 weeks of half pay
• Paternity leave – 6 weeks of full pay
• Private dental and medical insurance (taxable benefit) for you and your family
• Virtual GP for household members
• Gym discounts for you and your partner

The role will be based in our London office. We offer flexible working arrangements.