Prerequisite: What Do I Need to Get Into the Incident Response Industry?

You’ll need to understand how security works both on servers and desktops. You’ll need to understand the cloud and how routers, switches, and other gateways route traffic across TCP/IP. You need to understand firewalls and how to limit the amount of traffic that passes to an internal network. A good understanding of DDoS attacks is also useful, since this is one of the most common hacker attacks on a network. Since you need to understand how to act quickly, you’ll need some kind of experience working in the security world. You can take certifications to prove your proficiency in certain areas such as risk management and ethical hacking.

What do Incident Response Employees Do?

Incident response people are called in when a company needs someone to assess and fix security issues. Some issues are not security, but you must be able to identify technical problems and work with personnel to fix any issues. You usually work on a contract basis, and sometimes you get paid by the incident. Some companies keep you onsite and as a full time employee for general security issues. The great thing about this job is that you have the option to just be a contractor or go full time with benefits. The job can be stressful when hackers attack the network, but the education and salary offered from working hands-on in the industry is well worth the stress every once in a while.

How Much Can I Expect to Make as an Incident Response Person?

The amount of money you make depends on your experience and the specific security area you specialize in. Take a look at the following graph.

  Notice that a risk management analyst makes $140,000 each year. A basic incident response person makes about $92,000 each year. You can also be a basic IT security analyst and make about $100,000 each year. This position is usually the beginning for an incident response person. If you prefer the application side of things instead of working with networking equipment, you can also take an application security analyst position and make about $130,000 each year. A programming analyst who identifies issues in code makes about $130,000 each year as well. You can also work in a security operations center and make about $85,000 each year. If you like the exciting options of Internet and network security, a job in the incident response field requires fast-paced solutions in a highly technical industry.