Job Details
CERT Incident Responder
R31416

Contract type: Full time

Discipline: Information Management/Technology

Location: Stevenage | Bolton

xcvxcvx

00 Job Description

The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)— including Red and Purple Team activities The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs).

Salary: £50,000 - £60,000 depending on experience

Dynamic (hybrid) working: Minimum 2 days per week on-site due to workload classification

Security Clearance: British Citizen or a Dual UK national with British citizenship. Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the MBDA Personnel Security Team.

What we can offer you:

Company bonus: Up to £2,500 (based on company performance and will vary year to year)
Pension: maximum total (employer and employee) contribution of up to 14%
Overtime: opportunity for paid overtime
Flexi Leave: Up to 15 additional days
Flexible working: We welcome applicants who are looking for flexible working arrangements
Enhanced parental leave: offers up to 26 weeks for maternity, adoption and shared parental leave -enhancements are available for paternity leave, neonatal leave and fertility testing and treatments
Facilities: Fantastic site facilities including subsidised meals, free car parking and much more…
Healthcare Cash Plan: The Healthcare Cash Plan benefit provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more.

The opportunity:

The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness. While also advancing the organisation's Adversarial Exposure Validation (AEV)— including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs).

This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation.

Essentials:

Lead digital forensics and incident response (DFIR) activities, ensuring lab readiness, artefact management, and delivery of forensic objectives.
Maintain and enhance forensic tools and environments (e.g., Magnet Axiom, Autopsy) to ensure operational capability.
Conduct detailed forensic analysis, malware reverse engineering, and cyber investigation of complex incidents.
Ensure effective chain of custody, artefact preservation, and evidence handling processes.
Maintain accurate digital forensics documentation, incident playbooks, and readiness rehearsal materials.
Lead and execute tabletop exercises (TTEx) to test and improve incident response and forensic readiness.
Perform network and endpoint investigations, including AV scans, incident remediation, and validation of security alerts.
Collaborate with IM/DEx and Security Operations to enhance incident reporting, alerting, and notification services.
Deputise for CERT responders during major incidents or third-party attacks, coordinating with national and international partners (e.g., NCPC).
Develop and maintain enterprise security documentation, including policies, standards, baselines, and playbooks.

Desirables:

Identify root causes of security incidents and recommend sustainable mitigation strategies.
Manage remediation and closure of security cases, ensuring timely implementation of corrective actions.
Develop and maintain threat scenarios to validate detection and response across SOC, EDR, SIEM, and XDR platforms.
Translate threat intelligence into testable hypotheses and simulation exercises in collaboration with Threat Intelligence teams.
Utilise adversarial emulation tools (Caldera, Atomic Red Team, AttackIQ, SCYTHE, Cobalt Strike, etc.) to replicate realistic attacker behaviours.
Research and integrate emerging threats and TTPs into adversary emulation and validation methodologies.
Produce detailed reporting and metrics on detection coverage, response performance, and control effectiveness.
Support the wider IM/DEx team by validating new or updated controls against advanced threat simulations.
Support SOC operations with investigation, alert triage, and implementation of lessons learned from adversarial validation and DFIR activities.
Research and evaluate emerging security tools, technologies, and methodologies; provide gap analysis and recommendations to influence investment.
Deliver metrics, dashboards, and reports demonstrating adversarial resilience and capability maturity.
Contribute to small-to-medium cyber projects enhancing threat detection, emulation, and response maturity.

What we're looking for from you:

Demonstratable experience handling incidents, such as:
Ransomware containment + remediation
Business email compromise investigations
Cloud account takeover
Insider threat events
Large-scale phishing attacks
Leading incident response calls, advising leadership, and writing executive summaries

Our company: Peace is not a given, Freedom is not a given, Sovereignty is not a given

MBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom.

We are proud of our employee-led networks, examples include: Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity, Disability and more…

We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process.

Follow us on LinkedIn (MBDA), X (@MBDA_UK), Instagram (MBDA_UK) and Glassdoor or visit our MBDA Careers website for more information.

#LI-RM1

00 Benefits & Rewards

Annual Bonus

Every year in February, we reward our dedicated employees with an annual bonus. Exact amounts and percentages will vary by job grade and on business performance. This can be discussed/explained further with a member of the Resourcing team during your application process.

We are proud to say that we were able to award our annual bonus to employees even through tough economic times in recent years, when other employers were less fortunate.

25 Days Annual Leave (plus holiday purchase)

Employees receive 25 days of paid annual leave per calendar year, in addition to all statutory and public holidays.

After 5, 10 and 15 years of service, an additional day of annual leave is added to your allowance at each of these milestones.

You can also enjoy more time off by purchasing up to an additional five days holiday through payroll.

Dynamic Working

We trust our people to agree, within their teams, where and when they can be most effective. Our Dynamic Working policies allow individuals great levels of flexibility around the hours they work and where they work. Depending on your role and function, this may include options for paid overtime, dynamic leave (time in lieu) and more.

When applying, please check the job advert for details, then make sure to discuss what to expect with your recruiter.

VIDEO: What Dynamic Working Means to Me (click the image to open YouTube link)

Enhanced Parental Leave

We recognise that having or adopting a child is a significant life event for our employees and as a family friendly employer we offer a range of enhanced family leave provisions to support employees before, during and after a period of leave.

Our enhanced parental leave offers up to 26 weeks for maternity, adoption and shared parental leave. Enhancements are available for paternity leave, neonatal leave and fertility testing and treatments.

We also offer 2 weeks enhanced pay for paternity leave, and neonatal care leave for up to 12 weeks where a period of extended hospital care is required after birth. Employees also have access to support whilst undergoing fertility testing and treatments.

Lifestyle - Discounts & Vouchers

Discounts – The Discounts platform includes a great range of features such as: discounts, instant vouchers, reloadable cards, easy saver cards, cashback, mobile app and Wellbeing Centre.

Costco - Permanent employees of MBDA qualify for Costco’s individual membership.

Technology Vouchers – Purchase the latest gadgets and white goods up to the value of £2,500 and spread the cost over 12 months.

Charity Donations - Donate up to five charities each month, with full tax relief on all donations.

MyCar Scheme – The MBDA MyCar Scheme offers employees the opportunity to access up to two new vehicles via a salary sacrifice arrangement including an all-inclusive package.

Holiday Purchase – Purchase up to 5 days' extra holiday whilst making tax and National Insurance savings, spreading the cost over 12 months.

Gyms & Social Clubs

Healthworks Gym Membership - The Healthworks on-site gym at our Stevenage site offers a range of facilities and equipment, alongside a variety of classes available during the week.

Annual Gym Membership – Take advantage of discounted membership at over 3,600 of the UK's leading gym chains, leisure centres, hotel health clubs, independent gyms, boot camps and yoga studios.

The Club –The Club provides a fantastic opportunity to enjoy great social activities - from theatre trips, days out, to sporting activities.

Pension & Finance

Our MBDA Retirement Savings Plan is a 'Defined Contribution' plan in the Mercer Master Trust, administered by Scottish Widows. The standard contributions are 4% of an employee's base salary and 6% employer contributions. You can increase both employee and employer contributions by up to 2%.

Financial Awareness – Employees have access to free financial webinars hosted throughout the year, along with access to a financial education website which provides plenty of useful hints, tips and guidance on managing financial wellness.

Share Incentive Plan - Acquire shares in our UK Shareholder, BAE Systems PLC, the scheme is tax efficient on shares purchased.

Mortgage Advice – As part of our financial wellbeing initiative employees can access free of charge mortgage advice and webinars.

Season Ticket Loan – Employees can borrow the value of public transport season ticket for bus or train journeys to and from work and spread the cost over 12 months.

Critical Illness – To help reduce the financial impact after being diagnosed with a critical illness, employees receive a tax-free lump sum payment that can be used for any purpose including covering medical expenses, adjustments to lifestyle and more.

Share Incentive Plan

The Share Incentive Plan (SIP) is available for you to join and reinforces our commitment to long-term share ownership amongst our employees.

Free Financial Advice

We know money matters in life, so we want to make sure our employees are both paid what they deserve, and also have access to resources that can help them plan for the future.

Through selected partnerships, we offer a range of free seminars, held throughout the year, to help you make good financial decisions for now and the future.

Extracurricular Learning Budget

You can receive up to £150 towards the cost of approved courses each year including group language lessons.

Health and Wellbeing

Employee Assistance Programme - The Employee Assistance Programme is free, independent, confidential and is available 24 hours a day/365 days a year. Employees have access to short-term counselling (which includes up to 8 structured face to face, telephone or virtual sessions).

Voluntary Private Medical Insurance – Private Medical Insurance offers three healthcare plans to suit your individual requirements for you and your family.

Funded Private Medical Insurance - Eligible employees (Grade C & Above) are enrolled as standard into the company funded Private Medical Insurance benefit.

Dental Insurance – The Dental Insurance benefit provides the option to claim cash back on everyday dental expenses such as, minor treatments, routine examinations, restorative treatment and more. There are six levels of cover available, with each level providing increased claim limits.

Healthcare Cash Plan - The Healthcare Cash Plan benefit provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more. There are six levels of cover available, with each level providing increased claim limits.

Healthcare and Leisure – The Healthcare and Leisure benefit provides the option to claim cash back on everyday healthcare expenses such as medical fees, dentist fees, opticians and also provides access to special deals and concessions on sporting and recreational facilities.

Employee Assistance Programme

Our employees' wellbeing is our priority. That's why everyone at MBDA UK can access free, confidential advice on a range of financial, personal and workplace issues, available 24/7.

00 Information

Training and Development

Development of our people is of vital importance to us at MBDA, which is why we ensure everyone has access to the teams, tools and resources needed to achieve their goals. This includes our dedicated in-house Learning & Development team, our Apprenticeship programmes, a variety of online learning platforms, and much more.

We encourage new learning and will provide up to £150 in financial support per year if you wish to participate in further study in your own time.

If you lead a team, or hope to do so in the future, we offer a range of management training opportunities, with paths designed for people of all experience levels.

Dynamic Working

We want our people to work when and where they feel they can be most effective. For most of our employees, we have a flexi-time scheme that allows you to choose, within certain parameters, when you start and finish each day and how you can use time you have accrued.

For roles that do not have to be based on one of our sites full-time, you will have opportunities to work from home as part of your agreed Dynamic Working arrangement.

If you have worked the time, you are also able to accrue and take up to 15 days of Flexi-leave per annum, in addition to the 25 days of annual leave provided and bank holidays.

Security Clearance

All employees at MBDA are required to hold UK Security or BPSS Clearance.

For further information, please view our Security & Vetting page.

Awards

We're proud to be a nationally recognised employer at MBDA. We have received a range of employer awards including Glassdoor Best Places to Work 2022; Gold awards from Investors in People, the 5% Club, and Armed Forces Covenant. We are also currently ranked #1 in the UK's Best Big Companies to Work For 2022 league table, as well as #1 for Manufacturing.

Check out our blog ("Our Stories") for the latest MBDA news and awards.

00 Related Stories

00 Related MBDA People

00 Related Jobs

Business Support Officer R28352

Contract type: Full time

Discipline: Administration

Location: Bristol

Data Engineer R26321

Contract type: Full time

Discipline: Information Management/Technology

Location: Stevenage | Bolton

Network Security Engineer (SOC) R29549

Contract type: Full time

Discipline: Information Management/Technology

Location: Stevenage

Search jobs

00 Apply for this role

CERT Incident Responder R31416

Contract type: Full time

We have detected you are using an IP outside of the UK

Before continuing your application, please note that as a defence industry employer, restrictions and/or limitations relating to nationality and/or rights to work will apply.

If you do not meet the necessary requirements, any application you submit will be rejected.

We only recommend continuing your application if you are confident of your right to work for us.

Please refer to our Security & Vetting policy for further information.

Job Details CERT Incident Responder R31416

00 Job Description