Overview

Join to apply for the

Senior Security Engineer

role at

S-RM .S-RM is a global intelligence and cyber security consultancy. Since 2005, we\''ve helped some of the most sophisticated clients in the world solve some of their toughest challenges. We are committed to developing bright, curious, driven individuals who want to think critically, solve complex problems, and achieve success. We believe work is about the lives and careers it helps us build, and we invest in our people\''s wellbeing, learning, and ideas every day.WORKING IN INFOSEC AT S-RMThis is an opportunity to join a company where information security is embedded into the culture. Our client services include a world-class cyber security team, which means we think critically about our own security practices at all levels. We see information security as an asset, not a cost centre, and we invest in those who lead it. Infosec staff are encouraged to speak openly about ideas for improvement, and regular access to senior leadership is guaranteed. The information security function has a growing and influential voice within S-RM, and no day is the same as we stay ahead of threats to our business and clients. The work offers opportunities for career development and growth across teams.If that sounds like your kind of team, we\''d like to hear from you.The Role

As a Security Engineer, you\''ll play a lead technical role in maintaining and evolving S-RM\''s information security.Responsibilities

Improve and implement development pipeline security features, such as SAST and DASTManage, monitor and improve compliance, vulnerability management, threat intelligence, detection/prevention tools across a multi-cloud environmentProvide expert security design and engineering guidance on complex cloud security challenges and risksDefine annual and quarterly penetration testing of company infrastructure and in-house developed applications, and re-test vulnerabilities where possibleWork with engineering/development/product teams to architect and implement secure-by-design solutions from project inception to completion, including threat modelling assessmentsFamiliarity with implementing security hardening standards (e.g., CIS, Cloud Foundations)Security alert triage, investigation and containment of potential security incidents across corporate estate and cloud environmentsMaintenance of Microsoft Sentinel SIEM/SOAR and Defender XDR deploymentLeading investigation and containment activities in the internal incident response teamExperience and Qualifications

At least 3+ years working in Cyber / Information SecurityAZ-104 or AWS Certified Solutions Architect Associate is essentialAbility to translate technical issues into business-friendly/executive languageExperience with Bash and/or PowerShell automation is essentialExperience with ethical hacking tools such as nmap, Nessus, and Burp SuitePractical experience of the Software Development Life Cycle and Agile frameworksFostering a positive culture of security with end users, engineers, product managersExcellent communication, teamwork, presentation and stakeholder management skillsThe successful candidate must have permission to work in

London

by the start of their employment.Our Benefits

25 days holiday per year, plus bank holidays (and +1 day per year of service up to 30 days)Hybrid and flexible working hoursMatching pension contribution up to 7%Fertility treatment leave – 5 days per cycle per yearMaternity leave – 26 weeks of full pay followed by 13 weeks of half payPaternity leave – 6 weeks of full payPrivate dental and medical insurance (taxable benefit) for you and your familyVirtual GP for household membersGym discounts for you and your partnerThe role will be based in our London office. We offer flexible working arrangements.

#J-18808-Ljbffr