Attack Surface Management Analyst

Attack Surface Management (ASM)Analystsdeliverour managed Polus Attack Surface Management serviceto our clientson a continuous basis to help them reduce risks to their internet-facing involvesvalidatingvulnerabilities performing manual discovery of their attacksurfaceand helping our clients interpret prioritised findings. Our aim is to become trusted advisors to our clients.

You will helpourclients to build cyber resilience enhance their understanding of the threatlandscapeand become better prepared to face dynamic and evolving security will involve being on the front foot of new and emerging threats and ensuring our clients receive quick feedback as to whether they may be affected and actions they can take.

1. Main Duties and Responsibilities

The main responsibilities of this role will include working closely with the ASM practice lead and Customer Success Managers to ensurethata high value service is delivered to clients. This will include:

• Technical testing; vulnerability scanning attack surface discovery manual exploit validation light-touchpentestingand Open-Source Intelligence (OSINT) gathering

• Client Engagement;translating client challenges into solutionsthat fit S-RMsASM service offerings and value propositionunderstanding and supporting the proposal process andensuring delivery timelines are understoodinlinewith project resourcing requirements

• Reporting;Delivering findings in a range of formats including via the Polus ASM platform via written reportand alsothrough Quarterly Service Reviews

You will alsobe requiredtokeep abreast of threat intelligencedevelopments andwork closely with S-RMs Threat Intelligence and Incident Response teams to integrate key data points into our service.

Support to other teams will berequiredwhere ASM is usedas a value-add toassessment-based engagementsin our Risk & Resiliencepracticeand alsowhere ASM is used to support incident investigation with our Incident Response practice.

You willbe requiredto work closely with the other managed service teams (Managed Detection and Response and Cyber Threat Intelligence) to ensurethatmanaged service delivery is unified across all three this you willalsobe given the opportunity to support and shape the development of the serviceby working with the ASM practice lead managed serviceteamsandtechnical development teams toidentifyopportunities for innovation and improvement.

1. Who are we looking for

We are looking for individuals keen to keep their finger on the pulse when it comes to the latest threats and vulnerabilities withgood client-facing skills needed to provide long term support to the organisations wework looking for prior Attack Surface Management experience (although bonus pointsif you do) butwerelooking for individuals who may fall into the following profiles with regards to experience:

• Pentesterswith a minimum of 1 year experience(including carrying out externalpentests)looking to specialise inthreat led approaches

• Cyber SecurityAnalysts with experience running vulnerability scans and triaging issues looking to move intomanaged service delivery with an offensive security focus

• Threat IntelligenceAnalystswith good knowledge of offensive security conceptsand familiarity with running security tooling keen to develop their technical skills

Candidates must have permission to work in the UK by the start of their employment

OUR BENEFITS

We offerthoughtful balanced rewards and support to help our people do their best work and live their lives outside it this includes but is not exhaustive of:

Our benefits

We offer thoughtful balanced rewards and support to help our people do their best work and live their lives outside it this includes but is not exhaustive of:

• 25 days holiday per year in addition to bank holidays (1 day for every year of service up to a maximum of 30 days);
• Hybrid working and flexible working hours;
• Matching pension contribution up to 7% and financial education;
• Fertility treatment leave 5 days of leave per cycle of treatment per year;
• Maternity leave 26 weeks of full pay followed by 13 weeks of half pay;
• Paternity leave 6 weeks of full pay.
• Private dental and medical insurance (taxable benefit) for you and your family;
• Virtual GP for you and your family members that live in the same household;
• Various gym discounts for you and your partner;

The role will be based in our London office. However we have flexible working arrangements available.

THE APPLICATION PROCESS

We want to get to know you and for you to get to know us to see if wed be a good fit. We are responsive and respectful of peoples time throughout our hiring process.

A typical application process includes:

1. Initial screening of your application by our recruiting team.
2. Interview to assess your baseline technical skills.
3. An interview to discuss your previous experience broader competencies and suitability for the role.

To apply for this role please send a cover letter and CV to: Job Application for Attack Surface Management Analyst at S-RM