Incident manager

Description

• Oversees the incident response process, ensuring policies and protocols are followed during cyber security incidents.
• Communicates the impact and risks related to cyber security incidents to executive level leadership using the language of risk management.
• Coordinates between different technical and non-technical teams and stakeholders to manage the communication and resource allocation during an incident.
• Develops and maintains the organisation's incident response plan, regularly updating procedures based on evolving threats.
• Analyses incident reports and metrics to improve response strategies and enhance future preparedness.
• Ensures organisation follows legal and regulatory requirements related to incidents including data breaches and reporting.
• Coordinates the scheduling and execution of incident response exercises with incident responders and other key teams.

Key SFIA skills

• Customer service support CSMG
• Incident management USUP
• Information assurance INAS
• Information security SCTY
• Security operations SCAD
• Stakeholder relationship management RLMT

Example job titles

• Incident Response Consultant
• Principal Specialist Cyber Security

For more information, see Occupation 271136 – Cyber Security Operations Coordinator

Also see related Incident manager career pathway.