Commercial Cyber Incident Response Lead
Utrecht
⚠️ We'll shut down after Aug 1st - try foo🦍 for all jobs in tech ⚠️
S-RM
Leading cyber security consultancy and intelligence experts delivering intelligence, resilience, and response solutions to clients worldwide.WHO WE ARE
S-RM is a global intelligence and cyber security consultancy. Since 2005, we’ve helped some of the most demanding clients in the world solve some of their toughest information security challenges.
We’ve been able to do this because of our outstanding people. We’re committed to developing bright, curious, driven individuals who want to think critically, solve complex problems, and achieve success.
But we also know that work isn’t everything. It’s about the lives and careers it helps us build. We’re immensely proud of this culture and we invest in our people’s wellbeing, learning, and ideas every day.
We’re excited you’re thinking about joining us.
WORKING IN CYBER AT S-RM
Our Cyber Security division is the newest and fastest-growing part of S-RM. The cyber sector is always evolving, and our Advisory, Testing, and Incident Response practices are in more demand than ever. Our cyber team based in the Netherlands is the newest addition within Cyber, delivering all of our services to clients in the Netherlands, the Benelux, even the entire European region.
We’re building a team to meet this challenge. This means we’re quick to respond, innovate, and improve. We don’t get too hung up on hierarchy or bureaucracy. If your ideas are good enough, we’ll empower you to implement them. If you’re the best person to talk to a customer, you’ll get that opportunity, regardless of the title in your email signature. And when you need a hand, your team will always have your back.
We also don’t believe there’s a typical cyber security professional. We’ve built a team of intelligence analysts, technical specialists, software developers, investigators, risk managers, and more. You’ll always find a range of perspectives and expertise to help you learn and grow.
If that sounds like your kind of team, we’d like to hear from you.
THE ROLE
As a Commercial Cyber Incident Response Lead your role consists out of two complementary aspects: a commercial focus to grow out BeNeLux Incident Response offering and the role of Cyber Incident Response lead, specifically for cases that require Dutch language and have come in through the BeNeLux office. As such this require requires fluency in Dutch.
As a Commercial Cyber Incident Response Lead, you will foster and grow existing relationships within the Incident Response ecosystem, as well as build new relationships and partnerships within the Incident Response ecosystem. Focus is on insurance and legal partnerships within the Netherlands, Belgium and Luxemburg.
As a Cyber Incident Response Lead, you will work across the full lifecycle of security incidents to help our clients respond and recover, including:
- Collecting technical evidence from client environments.
- Ingesting evidence into analysis platforms such as forensic analysis tools or log analysis platforms.
- Investigating cyber incidents to determine whether the confidentiality, integrity or availability of the information has been affected.
- Gathering intelligence on threat actors to inform decision-making in high pressure situations.
- Advising clients on containment actions designed to limit the effects of cyber incidents.
- Deploying technologies such as endpoint detection and response solutions or tactical SIEM.
- Assisting the recovery of clients’ IT infrastructure during and after cyber attacks.
- Communicating technical language into key takeaways for executives.
Other features of the role include:
Variety of casework: no day will be the same. Our team responds to a huge variety of incidents for both public and corporate clients.
Range of opportunities: you will have opportunities to broaden your security awareness into testing and advisory projects, in addition to deepening your incident response expertise.
Flexible working practices: responding to incidents can be intense, high-pressure work. We are mindful of our team’s work/life balance and offer flexible working options to support your wellbeing.
WHAT WE’RE LOOKING FOR
We think candidates with the following qualifications and experience are likely to succeed as Cyber Incident Responders at S-RM.
That said, if you don’t think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box—we’re looking for candidates that are particularly strong in a few areas and have some interest and capabilities in others.
We nurture a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.
We’re looking for:
- Tertiary education (HBO/WO) or relevant industry experience
- Ideally some experience in responding to a variety of cyber incidents
- Ideally some commercial experience within the IR ecosystem including with legal and insurers
- Any experience presenting verbal updates or written reports to internal/external stakeholders with non-technical backgrounds would be highly beneficial. It would also be a benefit if you have prior consulting experience, though it is not a requirement
Demonstrable knowledge in some of the following areas:
- Endpoint Forensic Analysis
- Malware Analysis
- Network Forensics
- Cloud Forensics
- Mobile Device Analysis
- Evidence Handling and Preservation
- Industrial Control Systems and Operational Technology
- Common enterprise security technologies (endpoint protection, SIEM, IDS/IPS, EDR, DLP)
- Windows system administration and associated concepts
- Identity management including Active Directory
- Managing routers, gateways and switches
- Virtualisation technologies (ESXI, VMWare etc.)
- Linux administration
- Email infrastructure (Office 365, on-premise Exchange)
- Remote access infrastructure
Relevant industry certifications are not required for this role. However, holding any of the following is beneficial: GCFE, GCFA, EnCE, CFSR, CISSP, GREM, CCNA, MCFE, OSCP, Network+ and Security+
The successful candidate must have permission to work in the Netherlands by the start of their employment.
OUR BENEFITS
We offer thoughtful, balanced rewards and support to help our people do their best work and live their lives outside it, including:
- Maternity and paternity benefits including:
- Maternity leave: 26 weeks full pay followed by 13 weeks half pay
- Paternity leave: 6 weeks of full pay
- 25 holiday days per year, which increases with service to a maximum of 30 days + public holidays
- 6% matching pension contribution
- Several options around mobility such as an OV-card or a lease car
- 4 x annual salary life insurance
- EAP for your mental wellbeing, including counselling sessions available to you and your family
- Free access to the world-famous mindfulness app Headspace
- Flexible working hours
- Extensive training available, including through LinkedIn Learning with access to more than 13,000 different courses
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory CISSP Cloud EDR EnCE Forensics GCFA GCFE GREM IDS Incident response Industrial IPS IT infrastructure Linux Log analysis Malware OSCP SIEM VMware Windows
Perks/benefits: Career development Flex hours Parental leave
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.