Cyber Security Incident Responder

We are looking for an enthusiastic and experienced Cyber Security Incident Responder (IR) to join our dynamic and growing team. The role holder will play a critical role in maintaining the security and resilience of Element’s digital infrastructure by effectively managing and progressing cyber incidents. This is a unique opportunity to be a founding key member of Cyber Defence. You will work closely with key stakeholders at all levels to develop a robust 24/7 operational cyber defence capability. While the role is not solely technical, we encourage applications from those with experience in Digital Forensics and Incident Response (DFIR).

This position requires on-call availability and overtime during serious cyber attacks. Location in the UK is flexible.

1. Help build Element’s IR capability and implement best practices aligned with industry frameworks such as NIST and SANS.
2. Govern and coordinate cyber incidents, acting as the lead incident manager and technical authority for Cyber Defence.
3. Conduct thorough investigations to reduce risk, determine root cause, assess impact, and identify remediation actions.
4. Collaborate with cross-functional teams including IT, Privacy, Legal, and senior stakeholders.
5. Prepare and present incident status reports to keep the business informed.
6. Conduct post-incident reviews to identify improvement areas and drive continuous enhancement.
7. Perform digital forensics on computer/network artefacts to assess incident risk and impact.
8. Perform malware analysis and stay updated on the latest cyber threats and attack vectors.
9. Develop and maintain cyber defence metrics and KPIs.
10. Build relationships with external stakeholders such as law enforcement, cybersecurity vendors, and industry peers for information sharing and collaborative response.

• Minimum five years’ experience in cyber security, with 3-5 years in Digital Forensics and managing large-scale Cyber Incident responses.
• Experience working within complex, highly federated organizations.
• Understanding of cyber defence operations across public and private sectors.
• Bachelor’s degree in computer science, IT, or related field preferred; relevant certifications like CISSP, CISM, GIAC are a plus.
• Attention to detail, analytical skills, and problem-solving capabilities.
• Critical thinking and decision-making skills in high-pressure situations.
• Cultural sensitivity and social flexibility in a global environment.
• Experience in proactive communication with senior staff and ability to convey complex information to non-technical audiences.
• Self-motivated with a positive, can-do attitude and strong belief in security as a business enabler.
• Knowledge of SIEM tools and experience in writing advanced hunting queries.

• Extensive experience managing serious cyber incidents as a Digital Forensic Incident Responder.
• Proven success operating within large, complex enterprise environments.
• Understanding of security monitoring, intrusion detection/prevention, and control systems including firewalls, anti-virus, and web proxies.
• Technical expertise in networks, malware analysis, digital forensics, etc.
• Effective communication skills with senior stakeholders.

Element is a rapidly growing testing, inspection, and certification company with over 9,000 employees across 270 sites in 30 countries. Our purpose is to ‘Make tomorrow safer than today’ by ensuring product safety, compliance, and quality through our global network of scientists, engineers, and technologists. We value integrity, growth, and the impact we make in creating a safer world.