The first rule of any CISO/CSO is to have your Incident Response program, process and personnel in place to deal with the always present set of security challenges, 7×24. Incident response is NOT an optional item in any CISO/CSO’s portfolio.
Increased Demand for Incident Response Personnel
The dramatically increased demand for Incident Response personnel is real, and will be with us for the foreseeable future. Corresponding to the continuously expanding information security-related issues and situations, the greater the size of the “incident response army”. This is not a new notion, and has been put forward by the U.S. 5th Command, Cyber, starting with its first leader, General Keith Alexander, where he called for a tremendous ramp-up of ‘cyber warriors’. Gen. Alexander’s plea was to recruit young people into the pseudo military service of cyber. This was in 2010, so the ‘call to action’ is not new, yet is more keenly and viscerally understood by industry today – thus, the increased hiring of incident response personnel to be the ‘pilots’ to man and manage the complex array of security tools that are now a part of most SOCs.
Job, Jobs and More Jobs
Incident response can be an entry-level role, where security newbie’s can start their careers – while being tutored by more senior level personnel. It’s common for folks to start cutting their teeth in incident response, and then grow into other more senior or sophisticated security roles.
It can also be a senior role, where experience with computer forensics, network security operations, security analytics and Endpoint Detection and Response tools are required. Fundamentally, organizations are looking for people with a strong foundation in cyber security policy, operations and best practices.
A quick search on indeed.com for “incident response” yields 22,360 jobs. LinkedIn shows 14,990 Incident Response jobs in the US. If you’re not already looking at incident response as a viable job opportunity, think again! Many of these positions are with large IT vendors like IBM and HP. Other current job openings are with large companies like Google, Salesforce and Facebook.
Make $150,000 a Year or More
There’s a job for an Incident Response & Malware Analyst here in Los Angeles, CA that is advertised at $150,000 a year. Required skills include 1-5 years’ experience with reverse engineering software binaries, and 3-5 years’ experience with incident response.
In San Francisco, Blue Owl is looking for a Security Analyst. They are willing to pay $180,000 – $250,000 to fill this role. The Incident Response Army is building fast and growing furiously. Join the ranks of Incident Response professionals and you’re sure to enjoy job security for a long, long time.