Cyber Security Incident Responder

We are looking for an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our dynamic and growing team. The role holder will play a critical role in maintaining the security and resilience of Element’s digital infrastructure by effectively managing and progressing cyber incidents. This is a unique opportunity to be a founding key member of Cyber Defence. You will work closely with key stakeholders at all levels to develop what you see as a great 24/7 operational cyber defence capability. Whilst the role is not solely technical, we encourage applications from those with experience in Digital Forensics and Incident Response (DFIR). This position requires on call and overtime if there are very serious cyber attacks. Location in the UK is flexible.

Responsibilities:

• Help build Element’s IR capability. Implement best practice in line with NIST, SANS and other industry frameworks.
• Govern and coordinate cyber incidents. Act as the lead incident manager and technical authority for Cyber Defence.
• Conduct thorough investigations to reduce risk. Determine the root cause, impact, and identify remediation actions.
• Collaborate with cross-functional teams including IT, Privacy and Legal and senior stakeholders.
• Prepare and present written and verbal incident status reports to ensure the business is kept up to date.
• Conduct post-incident reviews and analysis to identify areas for improvement and help drive continuous improvement.
• Perform digital forensics on computer/network artefacts to assess the risk and impact of an incident. Perform malware analysis.
• Work closely with the Senior Manager Incident Response to input into the development of cyber defence metrics and Key Performance Indicators (KPI).
• Stay abreast of the latest cyber threats, attack vectors, and security technologies to continuously improve the organization's incident response capabilities.
• Develop and maintain strong relationships with external stakeholders, such as law enforcement agencies, cybersecurity vendors, and industry peers, to facilitate information sharing and collaborative incident response efforts.

Key Skills:

• A minimum of five years’ experience working in cyber security.
• 3-5 years experience of Digital forensics, plus the ability to manage large complex Cyber Incident responses.
• Experience of working within a complex highly federated organisation.
• A comprehensive understanding of cyber defence operations in both the public and private sectors.
• A Bachelor degree in computer science, information technology, or a related field is desirable but not essential, as are other relevant certifications (e.g., CISSP, CISM, GIAC).
• Attention to detail, strong analytical skills and efficient problem solving.
• The ability to think critically and make sound decisions in high-pressure situations.
• Cultural sensitivity and social flexibility in a global corporate environment.
• Experience in proactive communication to, and direct interaction with senior staff.
• The ability to convey complex information to a non-technical audience.
• A highly self-motivated individual with a positive mindset and can-do attitude.
• A strong believer in security as an enabler to support business growth.
• Knowledge of SIEM tooling, including experience in writing and developing advanced hunting queries.

Experience Needed to Fulfil the Role:

• Comprehensive experience of managing serious Cyber Incidents, as a Digital forensic incident responder.
• Experience in operating successfully within a large complex/federated enterprise environment.
• Demonstrable understanding of security monitoring, intrusion detection, prevention and control systems including firewalls, anti-virus, web proxies.
• Technical knowledge and practical experience in any associated area e.g., networks, malware analysis, digital forensics etc.
• Attention to detail, strong analytical skills and efficient problem solving.
• Cultural sensitivity and social flexibility in a global corporate environment.
• Experience and confidence in being able to communicate effectively with senior stakeholders.

Company Overview:

Element is one of the fastest growing testing, inspection and certification businesses in the world. Globally we have more than 9,000 brilliant minds operating from 270 sites across 30 countries. Together we share an ambitious purpose to ‘Make tomorrow safer than today’. When failure in use is not an option, we help customers make certain that their products, materials, processes and services are safe, compliant and fit for purpose. From early R&D, through complex regulatory approvals and into production, our global laboratory network of scientists, engineers, and technologists support customers to achieve assurance over product quality, sustainable outcomes, and market access. While we are proud of our global reach, working at Element feels like being part of a smaller company. We empower you to take charge of your career, and reward excellence and integrity with growth and development. Industries across the world depend on our care, attention to detail and the absolute accuracy of our work. The role we have to play in creating a safer world is much bigger than our organization.