Will “Cybersecurity Incident Response Analyst (Cyber)” be Automated?

Core Skills & Abilities

• Recommend cyber defense software or hardware to support responses to cyber incidents.

• Perform file signature analysis to verify files on storage media or discover potential hidden files.

• Adhere to legal policies and procedures related to handling digital media.

• Identify or develop reverse-engineering tools to improve system capabilities or detect vulnerabilities.

• Preserve and maintain digital forensic evidence for analysis.

• Analyze log files or other digital information to identify the perpetrators of network intrusions.

• Write technical summaries to report findings.

• Write and execute scripts to automate tasks, such as parsing large data files.

• Perform web service network traffic analysis or waveform analysis to detect anomalies, such as unusual events or trends.

• Maintain knowledge of laws, regulations, policies or other issuances pertaining to digital forensics or information privacy.

• Develop plans for investigating alleged computer crimes, violations, or suspicious activity.

• Maintain cyber defense software or hardware to support responses to cyber incidents.

• Develop policies or requirements for data collection, processing, or reporting.

• Perform forensic investigations of operating or file systems.

• Duplicate digital evidence to use for data recovery and analysis procedures.

• Recover data or decrypt seized data.

• Create system images or capture network settings from information technology environments to preserve as evidence.

• Write cyber defense recommendations, reports, or white papers using research or experience.

• Conduct predictive or reactive analyses on security measures to support cyber security initiatives.

• Write reports, sign affidavits, or give depositions for legal proceedings.