Incident Analyst / Responder
What Does a Professional in this Career Do?
An Incident Analyst or Responder investigates an IT-related incident: an unplanned interruption to a service, a reduction in the quality of a service, or an event that has not yet impacted the service to the customer. Works to restore a normal service operation as quickly as possible and to minimize the impact on business operations.
Job Outlook
There were 246 Incident Analyst / Responder job postings in North Carolina in the past year and 7015 in the United States.
In combination with other careers in the Cyber / Information Security Engineer / Analyst industry, which includes the Incident Analyst / Responder career, the following graph shows the number of people employed for each year since 2016:
Salary
Many new Incident Analyst / Responder jobs have salaries estimated to be in the following ranges, based on the requirements and responsibilities listed in job postings from the past year.
National
The average estimated salary in the United States for this career, based on job postings in the past year, is $126,957.
State
The average estimated salary in North Carolina for this career, based on job postings in the past year, is $124,439.
Percentiles represent the percentage that is lower than the value. For example, 25% of estimated salaries for Incident Analyst / Responder postings in the United States in the past year were lower than $112,692.
Education and Experience
Posted Incident Analyst / Responder jobs typically require the following level of education. The numbers below are based on job postings in the United States from the past year. Not all job postings list education requirements.
| Education Level | Percentage |
|---|---|
| Associate's Degree | 0% |
| Bachelor's Degree | 64.69% |
| Master's Degree | 13.4% |
| Doctoral Degree | 2.15% |
| Other | 7.47% |
Posted Incident Analyst / Responder jobs typically require the following number of years of experience. The numbers below are based on job postings in the United States from the past year. Not all job postings list experience requirements.
| Years of Experience | Percentage |
|---|---|
| 0 to 2 years | 19.69% |
| 3 to 5 years | 48.58% |
| 6 to 8 years | 21.6% |
| 9+ years | 10.13% |
Skills
Below are listings of the most common general and specialized skills Incident Analyst / Responder positions expect applicants to have as well as the most common skills that distinguish individuals from their peers. The percentage of job postings that specifically mention each skill is also listed.
Baseline Skills
A skill that is required across a broad range of occupations, including this one.
- Communication (49.17%)
- Investigation (38.69%)
- Operations (32.57%)
- Leadership (31.28%)
- Management (30.79%)
- Problem Solving (26.36%)
- Information Technology (22.28%)
- Coordinating (19.37%)
- Research (18.43%)
- Writing (14.85%)
Defining Skills
A core skill for this occupation, it occurs frequently in job postings.
- Cyber Incident Response (21.61%)
- Endpoint Detection And Response (27.42%)
- Cyber Threat Intelligence (45.14%)
- MITRE ATT&CK Framework (15.98%)
- Malware Analysis (22%)
- EnCase (Digital Intelligence Software) (6.93%)
- Cyber Threat Hunting (23.03%)
- Computer Science (40.8%)
- Digital Forensics (21.49%)
- Incident Response (85.07%)
- Firewall (23.33%)
- Incident Management (21.02%)
- Cyber Security (75.82%)
- Operating Systems (22.97%)
- Network Forensics (9.95%)
- Log Analysis (12.08%)
- Security Information And Event Management (SIEM) (40.54%)
- Vulnerability (38.91%)
- Triage (26.37%)
- Splunk (22.92%)
Necessary Skills
A skill that is requested frequently in this occupation but isn’t specific to it.
- Security Investigations (4.02%)
- Cyber Operations (14.93%)
- Workflow Management (9.11%)
- Endpoint Security (8.49%)
- Cloud Security (11.44%)
- Threat Detection (10.83%)
- Cyber Defense (13.83%)
- Continuous Improvement Process (9.14%)
- Data Analysis (8.61%)
- Automation (13.93%)
- Amazon Web Services (15.32%)
- Case Management (1.92%)
- Auditing (14.26%)
- Microsoft Azure (18.93%)
- Unix (11.4%)
- Computer Networks (11.18%)
- Computer Engineering (7.59%)
- Key Performance Indicators (KPIs) (3.49%)
- Crisis Management (4.47%)
- Information Systems (14.84%)
- Security Controls (12.16%)
- Forensic Sciences (20.42%)
- Linux (27.78%)
- Standard Operating Procedure (5.53%)
- Python (Programming Language) (19.61%)
- Risk Analysis (5.9%)
- Risk Management (9.68%)
- IT Service Management (5.67%)
- Root Cause Analysis (9.86%)
- Network Protocols (10.07%)
- Intrusion Detection And Prevention (12.31%)
- Network Security (13.62%)
- Project Management (10.93%)
- Scripting (20.08%)
- Process Improvement (6.23%)
- Network Routing (3.85%)
- Vulnerability Management (13.02%)
- Windows PowerShell (13.58%)
- TCP/IP (8.97%)
- IT Security (13.58%)
- Mitigation (8.58%)
- ServiceNow (5.89%)
Distinguishing Skills
A skill that may distinguish a subset of the occupation.
- Memory Forensics (4.61%)
- Snort (Intrusion Detection System) (3.2%)
- IBM QRadar (SIEM Software) (2.49%)
- Cyber Investigations (3.34%)
- Incident Communication (1.39%)
- Cyber Kill Chain Framework (5.79%)
- Network Traffic Analysis (5.41%)
- Computer Forensics (7.58%)
- Forensics Tools (Digital Forensics Software) (2.94%)
- Forensic Toolkits (5.9%)
Salary Boosting Skills
A professional who wishes to excel in this career path may consider developing the following highly valued skills. The percentage of job postings that specifically mention each skill is listed.
- MITRE ATT&CK Framework (17.22%)
- Cyber Incident Response (23.28%)
- Cyber Threat Intelligence (48.64%)
- Network Traffic Analysis (5.83%)
- Incident Communication (1.5%)
- Cyber Kill Chain Framework (6.23%)
- Malware Analysis (23.7%)
- Cyber Security (81.69%)
- Digital Forensics (23.16%)
- Firewall (25.14%)
- Forensics Tools (Digital Forensics Software) (3.16%)
- Forensic Toolkits (6.36%)
- Network Forensics (10.72%)
- Security Information And Event Management (SIEM) (43.68%)
- Splunk (24.7%)
Alternative Job Titles
Sometimes employers post jobs with Incident Analyst / Responder skills but a different job title. Some common alternative job titles include:
- Incident Response Analyst
- Cybersecurity Incident Response Analyst
- Cybersecurity Analyst
- Incident Response Consultant
- Incident Response Manager
- Incident Manager
- Incident Responder
- Security Analyst
- Incident Response Engineer
- Incident Response Specialist
Similar Occupations
If you are interested in exploring occupations with similar skills, you may want to research the following job titles. Note that we only list occupations that have at least one corresponding NC State Online and Distance Education program.
- Cyber Security Engineer
- Cyber Security Manager / Administrator
- Vulnerability Analyst / Penetration Tester
- Cyber Security Architect
Common Employers
Here are the employers that have posted the most Incident Analyst / Responder jobs in the past year along with how many they have posted.
United States
- Accenture (226)
- CrowdStrike (189)
- Leidos (127)
- Mindpoint Group (127)
- Marriott International (125)
- Dell Technologies (121)
- Baylor Scott & White Health (113)
- SAIC (110)
- Red River (106)
- Teradata Operations (95)
North Carolina
- Truist Financial (12)
- Volvo (9)
- Accenture (8)
- MetLife (7)
- Deloitte (6)
- UnitedHealth Group (6)
- Duke Energy (5)
- KPMG (5)
- Cisco (5)
- Synchrony (4)
NC State Programs Relevant to this Career
If you are interested in preparing for a career in this field, the following NC State Online and Distance Education programs offer a great place to start!
All wages, job posting statistics, employment trend projections, and information about skill desirability on this page represents historical data and does not guarantee future conditions. Data is provided by and downloaded regularly from Lightcast. For more information about how Lightcast gathers data and what it represents, see Lightcast Data: Basic Overview on Lightcast's Knowledge Base website.