author photo
By Clare O’Gara
Mon | Jan 20, 2020 | 6:30 AM PST

There's no shortage of unfilled cybersecurity jobs out there. So which one is your next move?

You might consider a role in incident response.

What are the expectations of a cybersecurity incident responder?

The name itself offers clues about the role.

Cyber defense incident responders respond to cybersecurity incidents.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has a list of expectations for this role:

  • Actively monitor systems and networks for intrusions
  • Identify security flaws and vulnerabilities
  • Perform security audits, risk analysis, network forensics, and penetration testing
  • Perform malware analysis and reverse engineering
  • Develop a procedural set of responses to security problems
  • Establish protocols for communication within an organization and dealings with law enforcement during security incidents
  • Create a program development plan that includes security gap assessments, policies, procedures, playbooks, training, and tabletop testing
  • Produce detailed incident reports and technical briefs for management, admins, and end-users
  • Liaison with other cyber threat analysis entities

How much do incident response professionals earn?

Even as a junior cyber defense incident responder, you'll be living comfortably.

According to the U.S. government, the median salary for this role is more than $80,000.

But with additional experience and seniority, we are hearing that this type of position can pay more than $150,000 a year.

Do you need a degree to get into cyber incident response?

The debate over degrees in various cybersecurity roles is constantly evolving.

According to CISA, for many of these roles, a degree is not required.

That said, having a bachelor's degree in cybersecurity or computer science can be a plus on your resume.

Which soft skills help advance an incident response role?

As a cyber defense incident responder, much of your work will be with computers, technology, and strategic partners within the business.

And according to CISA, there are important personal skills to have for this position. You should be:

  • Capable of handling stress
  • Flexible
  • A problem-solver
  • Analytical
  • Good at communicating

Hopefully, this information helps you respond to the possibility of moving into an incident response role in cybersecurity.

Interested in other cybersecurity roles? Check out our latest on cryptanalyst job functions.