Incident Response Associate
Role summary
Incident Response is the preparation for, handling of and following up of cyber security incidents, to minimise the damage to an organisation and prevent recurrence.
Role expectations
In this role you will:
- Respond to alerts from monitoring/detection systems within defined SLAs
- Following procedures, respond to and/or escalate cyber security incidents
- Monitor security appliance health, performing basic troubleshooting of security devices and escalating severe problems to engineers
- Maintain logs of all actions taken
Accreditation
For further information on accreditation in this role see the UK Cyber Security Council’s guide on incident response.
Skills

- Incident management, incident investigation and response: Practitioner
- Information risk assessment and risk management: Practitioner
- Intrusion detection and analysis: Working
- Threat intelligence and threat assessment: Working
- Applied Capability Security: Awareness
- Protective Security: Awareness
- Threat Understanding: Awareness
Learning Pathway
Core learning
Certificate in Digital Forensics
CREST Practitioner Intrusion Analyst (CPIA)
EC-Council Certified SOC Analyst
Recommended for Associate level
CREST Registered Intrusion Analyst (CRIA)
EC-Council Computer Hacking Forensic Investigator