Incident Response/Incident Management

ps.89ps.89 Member Posts: 33 ■■■□□□□□□□
Are any of you familiar with incident response/incident management as an actual role in IT? In my experience, this type of position is less technical and mainly focuses on alert monitoring/escalation and quality control of incidents (ensuring tickets are filled out properly, has detailed notes/documentation, and ensuring teams resolve incidents within SLA).  Is it a standard practice to have teams dedicated to just this?
Complete: BS in Networking, CCENT
2019 Year Goals: CCNA
Future Goals: CCNP:Security, CISSP

Comments

  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■□□□□□
    I have seen a few jobs labeled as Incident Management Coordinator or similar and based on the description it seems to be in-line with what you are saying. If a job is listed as Incident Response though, it is much more likely to be the technical activities such as forensics and reviewing logs/alerts.

    If a company had the Incident Management job, I would look at the size of the organization (larger companies have more roles and the need for coordinators)....but if the company seems medium or smallish, they probably have so many things going on along with trouble tuning their alerts and responses so that role will be busy.
  • UnixGuyUnixGuy SABSA, GCFA, GPEN, CISM, RHCE, Security+, Server+, eJPT, CCNA Mod Posts: 4,082 Mod
    yes I'm familiar with it and it can be a job from hell. Getting called at all times of the day at any hour, to get all the resources on a technical bridge to deal with an incident. It depends on how busy the organisation is. I wouldn't do it
    Goal: MBA, Jan 2021
  • JDMurrayJDMurray Certification Invigilator Surf City, USAAdmin Posts: 11,523 Admin
    IR varies depending upon the organization and your IR role. You could be an incident commander running a bridge with 100 people all trying to give or receive information, or you could be the equivalent of tier 1 help desk support taking reports from employees who have received suspicious phone calls or emails. The job description and the excellent questions that you ask in the first-round interview will give you a good idea of what you are getting yourself in to. To really get the inside poop on the job, there is nothing better than having a friend already working on the team that is hiring.
  • ps.89ps.89 Member Posts: 33 ■■■□□□□□□□
    Thanks for the comments, everyone
    Complete: BS in Networking, CCENT
    2019 Year Goals: CCNA
    Future Goals: CCNP:Security, CISSP
Sign In or Register to comment.