Position | Company | Location | Posted |
---|---|---|---|
Senior Incident Response Analyst | Leidos | Arlington, Virginia, United States | 15/11/2024 |
Sr. Incident Response Engineer | Baylor Scott & White Health | Remote, United States | 04/08/2024 |
Senior Security Monitoring and Response Analyst (SIEM, SOC, Digital Forensics/Incident Response (DFIR) functions) | Mastercard | Pune, India | 15/11/2024 |
Sr. Incident Response Engineer | Baylor Scott & White Health | Dallas, Texas, United States | 04/08/2024 |
Sr. Incident Response Engineer | Baylor Scott & White Health | Remote, Texas, United States | 04/08/2024 |
SENIOR IT CONSTRUCTION PROJECT MANAGER | City of Houston, TX | Walker, Texas, United States | 05/11/2024 |
EMERG MGT COORDINATOR | Clear Creek County, Colorado | Georgetown, Colorado, United States | 02/10/2024 |
Cyber Threat Hunter | Leidos | Ashburn, Virginia, United States | 11/11/2024 |
Incident Response Analyst | Leidos | Ashburn, Virginia, United States | 15/11/2024 |
An Incident Responder, sometimes also referred to as an Intrusion Analyst or CSIRT Engineer, is basically a cyber first-responder.
Your role will involve providing a rapid initial response to any IT Security threats, incidents or cyber attacks on your organisation.
The job of Incident Responder will involve the use of a suite of forensic tools which will enable you to quickly investigate any issues as they develop. Once the cause of the problem has been identified, you will need to restrict any damage, provide immediate workarounds and if possible provide a solution or fix, so that any intrusion or threat to your organisation is negated rapidly.
Typical job duties for the role of Incident Responder include an immediate response to any new security threats, intrusions or exploits, as they occur. The role will include some penetration and vulnerability testing, network management, intrusion detection and prevention plus the maintenance of all IT Security in the live, or production, environment. Additionally it may be necessary to have a role in security audits, risk analysis and network forensics, where required, as part of the IT Security team at your organisation.
This job role will see you proactively monitoring your organisation's IT networks and systems, looking to detect any cyber threats or intrusions immediately as they arise.
You will need to have a thorough understanding of the organisation's IT networks and systems in order to carry out the duties of the job efficiently.
The role of ‘first responder’ means that it will be necessary to monitor traffic for any unusual activity or unauthorised access attempts at any time of the day or night, so shift work may be required from time to time.
Part of the job may also involve control of change management, ensuring orderly transitions during software or hardware fixes, upgrades and patches.
You will be focused on keeping the live IT Infrastructure of the organisation safe and secure at all times.
More specific Incident Responder/Analyst responsibilities may include:
1) Providing first-line response and initial management of any new or developing IT security related issues
As Incident Responder you will work with existing skilled IT Security staff, responding to cyber security threats in as near real-time as possible. An up-to-date understanding of relevant IT networks, security standards, authentication protocols, and security related hardware and software within the organisation is vital.
2) IT Security – Day to day tasks
Your role may involve day-to-day IT Security management and administration activities. As first responder, you will be responsible for ensuring security and responding to issues in all IT security related systems. These will include the LAN (Local Area Network), Public Key Infrastructure (PKI), plus the WAN (Wide Area Network), and VPN (Virtual Private Network). Using a specialist suite of IT Security monitoring tools and techniques, your role will see you providing a rapid and effective initial response as threats emerge. Some penetration and vulnerability testing will likely be required as part of your job. Reporting to senior IT management would be required during incidents caused by network intrusions and/or hacking attempts.
3) IT Security procedures, change management, training and support
You will likely be responsible for developing a set of procedures to be used during various types of IT Security incidents. Development and implementation of new corporate security policies may be necessary along with staff training relating to cyber security threats.
4) Gap assessments, testing and IT security fixes, tools and countermeasures
You will likely be involved in gap assessments, upgrade paths, bug fixes and necessary workarounds for new IT Security issues. Threat countermeasures using IT security tools and other rapid threat responses will be part of the job.
The job of Incident Responder is often a daytime role although shift work or flexi time may sometimes be necessary. You will likely be working an average 40 hours per week. Short-term IT Incident Responders, Contractors and Consultants may be paid a day rate. Additional work above agreed hours/days would normally be chargeable.
What can you expect to earn as an Incident Responder? The position of IT Incident Responder is an important role with many responsibilities. Salaries will of course vary depending on your own experience, your qualifications, the organisation and sector plus whether you are employed on a full-time, short-term Contractor or Consultant basis.
According to Simply Hired*, the average salary expectation for the role of Incident Manager (the closest match available) is $83,000, or £63,846 at a conversion rate of 1.3 for USD/GBP.
Sources: * SimplyHired – http://www.simplyhired.com/salaries/search?q=incident+manager&l=