Incident responder
Description
- Acts as the first line of defence, identifying and assessing the impact of cyber security incidents in real time.
- Contains threats to limit damage, eradicate the presence of cyber threats, and prevent further unauthorised access.
- Collects and analyses digital forensics evidence to understand the scope and method of the attack.
- Implements measures to remediate vulnerabilities and assist in recovery efforts to restore systems and data affected by incidents.
- Contributes to the post-incident recovery and review, providing input for improving the incident response plan and security posture.
Key SFIA skills
- Continuity management COPL
- Customer service support CSMG
- Digital forensics DGFS
- Incident management USUP
- Information security SCTY
- Security operations SCAD
- Stakeholder relationship management RLMT
Example job titles
- Cyber Defence Incident Responder
- Security Event Analyst
- Security Incident Responder
- Security Response Analyst
For more information, see Occupation 271136 – Cyber Security Operations Coordinator
Also see the related Incident responder career pathway.