Incident Analyst Job Description
Incident Analyst Duties & Responsibilities
To write an effective incident analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included incident analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Incident Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Incident Analyst
List any licenses or certifications required by the position: ITIL, GSEC, SEC401, CCNA, IAT, GCIH, II, GCIA, CEH, GNFA
Education for Incident Analyst
Typically a job would require a certain level of education.
Employers hiring for the incident analyst job most commonly prefer that their future employee have a relevant degree, such as a Bachelor's and Associate Degree in Computer Science, Technical, Education, Engineering, Information Technology, Information Systems, Information Security, Technology, Business, Cyber Security.
Skills for Incident Analyst
Desired skills for incident analyst include:
Desired experience for incident analyst includes:
Incident Analyst Examples
Incident Analyst Job Description
- Drive and improve service stability through rapid incident detection and response
- Restore service as quickly as possible through execution of the major incident management processes
- Provide service protection functions including the management of risk scenarios and execution of detailed incident close out activities
- Provide process governance and compliance oversight for all incidents
- Assist in detection and prioritisation of incidents using key Service Management tools and processes
- Continuously develop and implement improvements to tools and processes to support W&SM (Workplace & Service Management) KPIs
- Assist in providing full incident communications services to our technology and business teams and help maintain these tools so they are fit for purpose at all times
- Participate in post incident review forums and activities if required
- Identifies vulnerabilities
- Participates in the analysis of log files to identify and collect artifacts related to security incidents
- Security certifications such as CISSP, GPEN, GREM, GCFA, GCIH are a plus
- Leverage extensive experience in threat detection, penetration testing, forensics & response
- Identify opportunities to optimize and consolidate platforms, process & technical design
- Utilize tools in place to design efficient, sustainable detection approaches
- Build a sustainable and agile incident detection and response process with automation as a key element
- Key focus areas involving known/anomalous threats, operations and insider/behaviors
Incident Analyst Job Description
- Exposure to firewalls, intrusion prevention systems and other various security applications (administering, troubleshooting)
- Malware (sandboxing platforms)
- Produce major incident and problem reports for all major incidents and problem investigations internal notification to senior management
- Drives implementation of standard end-to-end application and execution of the Incident Management process across the global IT organization
- Coordinates and manages the Incident Management process activities across the global IT organization and with external suppliers to agreed global and local SLAs
- Acts as the point of contact for incident management and is responsible to appropriately escalate to expedite incident resolution
- Routinely monitors and reviews the incident management information and process, identifying and driving improvements to the effectiveness and efficiency of the process
- Supports Incident Management reporting (for example, metrics, KPIs and dashboards)
- Responsible for the administration of any incident management tool(s)
- Strong focus on customer and communications
- Intermediate to advanced skills working with ITSM Toolsets
- Three (3) plus years of incident response experience
- Three (3) plus years of forensic analysis
- Ability to translate customer needs into technical solutions and recommendations
- Certifications including CFCE, GCFE, OSCP, GCIA, CFE, CISSP or similar
- Works effectively in the face of stress, ambiguity, difficult situations, and shifting priorities
Incident Analyst Job Description
- Represent the first stage of Incidents providing basic troubleshooting within the boundaries of the Level 1 service catalogue
- Monitor ServiceDesk records and analyse reports, taking preventative action to ensure Service Levels are met across the IT operational group
- Observe and offer suggestions to GSD Operations for any noted process improvements
- Conduct host based digital forensics on suspect devices
- Operational environment by creating and maintaining forecasting models
- Operational reporting, quality and customer satisfaction surveys
- Responsible for incident activity to ensure all tickets are being worked and resolved within the correct ticket urgency, proper team assignment, within all SLAs, and updating all relevant incident data within the corresponding ticket
- Create the ticket and troubleshoot - reach out to signal, telecommunications
- Lead triage of critical production incidents relating to PTC and EMS while coordinating all functional resources (Signal, Mechanical, Telecom, Back Office)
- Creating PTC and EMS knowledge management documentation
- Actively liaise with the Service Leads and Complaints function to ensure that incidents are accurately identified
- Work with the Information Governance and Quality Assurance Manager to identify breaches of Group and Business Unit policies
- Manage and monitor incidents to resolution, working with Service Leads and Subject Matter Experts
- Work with the Information Governance and Quality Assurance Manager to proactively drive the delivery of reports to the client and internal stakeholders
- Liaise with the client representatives on Incident Management and Continual Improvement activity
- Analyse trends, identify failures in process, and liaise with Service Leads and Subject Matter Experts to identify the root cause, implement lessons learnt/action plans
Incident Analyst Job Description
- Assists in the coordination of Rapid Response & Recovery activities across the company
- Oversees the daily duties of the PTC Operations Support Team (POST) desk and creates/maintains the rotating shift schedule
- The primary purpose of the Incident Analyst role is to ensure that impacting incidents are managed effectively and professionally, resulting in the restoration of normal service quickly, efficiently and with minimal impact to customer service
- Facilitate the execution of stop sales, and, regulatory and safety recalls
- Facilitate the financial and risk escalation for appropriate approvals
- Facilitate the communication of recalls to consumers and the regulators
- Manage compliance to the PIM process and timelines, escalating as appropriate
- Coordinate the PIM activities of stakeholders, including Risk Management, Merchandising, Product Quality Assurance, Dealer, Corporate Communications and Customer Relations
- Produce ad hoc and regular operational reporting on PIM activities
- Identification of process gaps
- Actively engage in improvement activity for the Business Unit’s Services
- Assist the Quality and Standardisation Manager on Business Continuity and Disaster Recovery exercises as appropriate
- Assist any Change Management and/or Transformation colleagues in identifying risks
- Enhance Business Unit Knowledge Bases and Guidance documentation to reduce incidents
- General technical leadership – having managed technical (security related) projects especially Incident Management
- Direct experience in of the following domains (and their associated tools) preferably with a recognized qualification
Incident Analyst Job Description
- Maintain and continuously improve the process, toolkits, and systems for managing business incidents
- Monitor business incidents to confirm they are promptly contained, remediated, analysed and corrected for root cause, recorded, and reported to senior management as needed
- Periodically monitor incident records to confirm documentation is appropriate and trends or systemic issues are identified
- Develop and deliver training to relevant employees on incident management including root cause analysis
- Develop and deliver reports to oversight functions and the Statutory Board to provide insight on incidents
- Partner with process, assurance, change, and incident managers to drive focus on incident identification and implementation of controls to prevent recurrence of incidents
- Escalate and facilitate incident response as needed to ensure that service operations are restored as quickly as possible
- Collect incident response metrics and recommend process improvement measures to drive efficiencies and effectiveness in responding to issues
- Coordinate with technical and business teams during incident response
- Coordinate post incident resolution process and reporting
- Knowledge of security applications or processes in of the following platforms SCADA and Industrial Control Embedded systems CEH, CISSP, Encase, scripting
- Processes, Train dispatching, and understanding of general code of operating rules preferred
- Must demonstrate a general understanding of information technology, networking concepts, cyber security incident and forensics analysis principles, theories, concepts and techniques
- Of the following certifications are preferred CISSP, GIAC Certifications - GCIA, GCIH
- Knowledge of malware behavior and techniques employed by attackers to evade existing security controls
- Experience in penetration testing, threat intelligence and detection of incidents/network monitoring