CERT Incident Responder

The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs)., The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)- including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs).

This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation.

Essentials:

• Lead digital forensics and incident response (DFIR) activities, ensuring lab readiness, artefact management, and delivery of forensic objectives.
• Maintain and enhance forensic tools and environments (e.g., Magnet Axiom, Autopsy) to ensure operational capability.
• Conduct detailed forensic analysis, malware reverse engineering, and cyber investigation of complex incidents.
• Ensure effective chain of custody, artefact preservation, and evidence handling processes.
• Maintain accurate digital forensics documentation, incident playbooks, and readiness rehearsal materials.
• Lead and execute tabletop exercises (TTEx) to test and improve incident response and forensic readiness.
• Perform network and endpoint investigations, including AV scans, incident remediation, and validation of security alerts.
• Collaborate with IM/DEx and Security Operations to enhance incident reporting, alerting, and notification services.
• Deputise for CERT responders during major incidents or third-party attacks, coordinating with national and international partners (e.g., NCPC).
• Develop and maintain enterprise security documentation, including policies, standards, baselines, and playbooks.

Desirables:

• Identify root causes of security incidents and recommend sustainable mitigation strategies.
• Manage remediation and closure of security cases, ensuring timely implementation of corrective actions.
• Develop and maintain threat scenarios to validate detection and response across SOC, EDR, SIEM, and XDR platforms.
• Translate threat intelligence into testable hypotheses and simulation exercises in collaboration with Threat Intelligence teams.
• Utilise adversarial emulation tools (Caldera, Atomic Red Team, AttackIQ, SCYTHE, Cobalt Strike, etc.) to replicate realistic attacker behaviours.
• Research and integrate emerging threats and TTPs into adversary emulation and validation methodologies.
• Produce detailed reporting and metrics on detection coverage, response performance, and control effectiveness.
• Support the wider IM/DEx team by validating new or updated controls against advanced threat simulations.
• Support SOC operations with investigation, alert triage, and implementation of lessons learned from adversarial validation and DFIR activities.
• Research and evaluate emerging security tools, technologies, and methodologies; provide gap analysis and recommendations to influence investment.
• Deliver metrics, dashboards, and reports demonstrating adversarial resilience and capability maturity.
• Contribute to small-to-medium cyber projects enhancing threat detection, emulation, and response maturity.

• Demonstratable experience handling incidents, such as:
• Ransomware containment + remediation
• Business email compromise investigations
• Cloud account takeover
• Insider threat events
• Large-scale phishing attacks
• Leading incident response calls, advising leadership, and writing executive summaries, Applying all our energy and focus to every task, recognising our role in providing mission critical capabilities

Salary: £50,000 - £60,000 depending on experience

Dynamic (hybrid) working: Minimum 2 days per week on-site due to workload classification

Security Clearance: British Citizen or a Dual UK national with British citizenship. Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the MBDA Personnel Security Team.

What we can offer you:

• Company bonus: Up to £2,500 (based on company performance and will vary year to year)
• Pension: maximum total (employer and employee) contribution of up to 14%
• Overtime: opportunity for paid overtime
• Flexi Leave: Up to 15 additional days
• Flexible working: We welcome applicants who are looking for flexible working arrangements
• Enhanced parental leave: offers up to 26 weeks for maternity, adoption and shared parental leave -enhancements are available for paternity leave, neonatal leave and fertility testing and treatments
• Facilities: Fantastic site facilities including subsidised meals, free car parking and much more...
• Healthcare Cash Plan: The Healthcare Cash Plan benefit provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more ., At MBDA we value the contributions that our employees make every day towards our purpose. That's why we have lots of benefits in place to ensure that working at MBDA is rewarding in every sense.

We are always working to improve our offering, and rewards may differ depending on your role, so please make sure to ask our recruiters for more info when applying.

Annual Bonus

25 Days Annual Leave (plus holiday purchase)

Dynamic Working

Enhanced Parental Leave

Pension Scheme

Extracurricular Learning Budget

Employee Assistance Programme

Free Financial Advice

Share Incentive Plan

Subsidised Gym Membership

Cycle to Work Scheme

Discounts and Vouchers

Health and Dental Insurance

Costco Membership

MBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom. We are proud of our employee-led networks, examples include: Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity, Disability and more... We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process., A world leader in missiles and missile systems. Our multi-national organisation is made up of around 13,000 employees working across the UK, France, Italy, Germany, Spain and the US, and is the first truly integrated European defence company. As the European champion in our sector, our vision is to continue to grow our presence as a global player. Our mission is to achieve this by establishing ourselves as an industry leader; promoting co-operation and delivering technical and operational excellence to our customer. Through our combined expertise, we design and deliver innovative missiles and missile systems that help protect our future. We feel proud of the role we play in supporting the armed forces who protect our nations. We partner with our governments to work together towards a common goal defending our freedom., Stevenage: Our UK head office is located in Stevenage, Hertfordshire. With Stevenage train station just a few minutes walk away, and our site just a few minutes drive from the A1(M), our people come to work from towns in every direction.MBDA Stevenage has a campus-like community feel to it, with all the facilities you need on site including ample parking, a coffee shop, and a large cafeteria serving nutritious, seasonal meals every day. We also have an on-site (subsidised) gym, and a range of sports and social clubs to join. Bolton: Bolton is home to our state-of-the-art manufacturing site. Here you will find skilled Fitters, Engineers, Procurement specialists and many more dedicated teams helping us deliver our products in time and to the highest standards. Located just a short drive from Bolton, Wigan, Horwich and Chorley, the site is an easy commute for many, and has a subsidised restaurant on site, using fresh, seasonal ingredients to produce nutritional and delicious dishes., "At MBDA you always have to bear in mind that we are all a part of a very important process that defends our freedoms." - Balpreet, Supportability Engineer, Customer Support and Services. We share a unique responsibility that brings purpose to everything we do. We feel proud of the role we play in supporting the armed forces who protect our nations. We partner with our governments to work together towards a common goal defending our freedom. We believe in our values, code of ethics and have conviction in what we do. It's with a shared sense of purpose that we trust, value and respect the contribution that all of our colleagues bring every day.