Senior Associate, Cyber Risk Advisory

S-RM is a global intelligence and cyber security consultancy. Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges.

We’ve been able to do this because of our outstanding people. We’re committed to developing sharp, curious, driven individuals who want to think critically, solve complex problems, and achieve success.

But we also know that work isn’t everything. It’s about the lives and careers it helps us build. We’re immensely proud of this culture and we invest in our people’s wellbeing and learning every day.

Cyber Advisory Associates lead our cyber resilience consultancy engagements.

You will work closely with our clients to understand their challenges, lead project teams and deliver innovative solutions across a full spectrum of cyber risk management and governance activities. Our aim is to become trusted advisors to our clients as we help them to navigate dynamic and evolving security risks.

Our Associates are project managers and people managers, as well as consultants. You will join a thriving Advisory Practice in which you will support the development of junior colleagues, drive improvement in products and services and contribute to Practice strategy.

• Lead the delivery of S-RM’s Cyber Incident Response Exercise programme across all market segments, including private equity portfolio clients, insurance clients, and direct corporate clients.
• Design, develop and deliver operational and leadership cyber incident response exercises tailored to client needs.
• Apply hands‑on incident response experience to inform exercise realism, scenarios, and learning outcomes.
• Develop S-RM’s incident response exercise service offerings, including methodologies, tools and collateral.
• Support commercial activities in this area, including writing proposals, pitching to clients, and driving growth of S-RM’s exercising services.

• Advise clients on cyber incident response strategy, policy, and plan development.
• Review and develop incident response playbooks, ensuring they are practical, tested and aligned to organisational needs.
• Contribute to digital resilience services, including business continuity and disaster recovery planning and exercising.
• Operate in the space between cyber advisory and hands‑on incident response, providing clients with pragmatic and experience‑based guidance.

Lead consultancy engagements across a broad range of information security disciplines, including:

• Assessing cyber security controls across people, process and technology.
• Framework assessments and security improvement planning.
• Cyber regulations, governance and compliance.

S-RM Consultants are organised and dynamic project managers and team leaders. You will:

• Lead complex projects independently.
• Manage client engagement, communication and project planning activities.
• Lead client workshops and information gathering discussions.
• Oversee technical and governance focussed implementation plans.
• Work with internal client project teams, subcontractors and partners.
• Understand and utilise the full range of S-RM’s people and expertise.
• Manage junior colleagues and oversee career development where appropriate.

Our consultants are at the heart of our business development activities. You will:

• Engage with clients to understand their cyber security challenges.
• Innovate solutions, create, propose and pitch cyber security engagements.
• Contribute to the expansion of client accounts and winning new business.
• Identify market opportunities, with a particular focus on growing S-RM’s cyber incident response exercising services.

• Applied experience in cyber incident response, ideally having worked as a consultant on major cyber incidents.
• Previous experience in information security, cyber roles and/or technical domains.
• Prior consulting experience in a cyber role.
• Ability and willingness to manage complex projects.

Demonstrable knowledge…