ESCO occupation

cyber incident responder


Cyber incident responders monitor and assess the cybersecurity state of systems, analysing, evaluating, and mitigating the impact of cybersecurity incidents. Moreover, they identify malicious actors and the root causes of cyber incidents. According to the organisation’s Incident Response Plan, they restore systems and process functionalities to an operational state, collecting evidence and documenting actions taken.

2529.7 (ISCO 2529)
Competences: 76
Groups: 5
Essential: 24
Optional: 52

Competences and skills

76 ESCO relations
Essential competences 1 competence

Occupation specific

0 competences

No competences in this bucket.

Sector-specific

0 competences

No competences in this bucket.

Cross-sector

0 competences

No competences in this bucket.

Essential knowledge 15 competences

Occupation specific

0 competences

No competences in this bucket.

Sector-specific

11 competences
attack vectors

Paths or methods that threat actors use to exploit vulnerabilities in the information networks or systems of a specific organisation and impact its availability, integrity and confidentiality. Attack vectors may include social engineering tactics such as phishing emails or pretexting, and technical exploits such as SQL injection and buffer overflow attacks.

digital
ESCO source
building systems monitoring technology

Computer-based control systems that monitor mechanical and electrical equipment in a building such as HVAC, security and lighting systems.

digital
ESCO source
cyber attack counter-measures

Methods, technologies and techniques used to defend (detect, monitor and recover) against cyber attacks. These cyber attacks include several attack vectors such as malware, denial of service (DoS) attacks and phishing. Intrusion prevention systems (IPS), firewalls, antivirus, intrusion detection systems (IDS), cybersecurity training, backup, Information Security Management Systems (ISMS), multi-factor authentication and employee awareness are some examples of the methods used.

digital
ESCO source
cyber security

The methods and best practices that protect ICT systems, networks, computers, devices, services, processes and people against unauthorised access, modification and/or denial of service of assets.

digital
ESCO source
ethical hacking principles

The set of actions that are carried out to detect vulnerabilities within a computerised system in order to improve security within an organisation. They aim to identify and address data breaches and threats in a network.

digital
ESCO source
GDPR

The General Data Protection Regulation is the EU regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

digital
ESCO source
ICT network security risks

The security risk factors, such as hardware and software components, devices, interfaces and policies in ICT networks, risk assessment techniques that can be applied to assess the severity and the consequences of security threats and contingency plans for each security risk factor.

digital
ESCO source
ICT security legislation

The set of legislative rules that safeguards information technology, ICT networks and computer systems and legal consequences which result from their misuse. Regulated measures include firewalls, intrusion detection, anti-virus software and encryption.

digital
ESCO source
ICT security standards

Best practices and guidelines established for securing information and communication technology (ICT) systems and data. Standards such as the ISO 27000 series provide a framework for implementing effective security controls, including access control, risk assessment and incident management, and help an organisation achieve compliance.

digital
ESCO source
incidents and accidents recording

The methods to report and record incidents and accidents in the workplace.

ESCO source
operating systems

The features, restrictions, architectures and other characteristics of operating systems such as Linux, Windows, macOS, etc.

digital
ESCO source

Cross-sector

4 competences
operational tactics for emergency responses

The characteristics and proceedings of operational tactics for emergency responses especially at major incidents and catastrophes.

ESCO source
risk management

The process of identifying, assessing, and prioritising all types of risks and where they could come from, such as natural causes, legal changes, or uncertainty in any given context, and the methods for dealing with risks effectively.

ESCO source
security engineering

Interdisciplinary field of study that focuses on the realisation of secure systems and the technology to protect individuals or information from malice, errors, or unauthorized access. It involves defining security protection requirements, processes, and methods to ensure the resilience of systems and data.

ESCO source
security threats

Types of cyber or physical security threats to public and private security such as unauthorised entry, aggressive behaviour, molestation, robbery, theft, hacking, malware, phishing, identity theft, assault, kidnapping, murder and public demonstration.

ESCO source
Essential skills and competences 8 competences

Occupation specific

0 competences

No competences in this bucket.

Sector-specific

3 competences
collect cyber defence data

Collect data for cyber defence using various data collection tools. Data may be gathered from a number of internal or external sources such as online trade records, DNS request logs, email servers' logs, digital communications packet capturing, deep web resources, etc.

digital
ESCO source
handle cybersecurity incidents

Detect, identify, analyze, and respond to cybersecurity incidents in an organization's systems or network. It involves incident response plans such as intrusion detection systems, log analysis, and documenting detailed information about potential incidents.

digital
ESCO source
provide ICT consulting advice

Advise on appropriate solutions in the field of ICT by selecting alternatives and optimising decisions while taking into account potential risks, benefits and overall impact to professional customers.

ESCO source

Cross-sector

4 competences
communicate with stakeholders

Facilitate communication between organisations and interested third parties such as suppliers, distributors, shareholders and other stakeholders in order to inform them of the organisation and its objectives.

ESCO source
create incident reports

Fill in an incident report after an accident has happened at the company or facility, such as an unusual event which caused an occupational injury to a worker.

ESCO source
engage with stakeholders

Use a variety of processes that result in mutually negotiated agreements, shared understandings and consensus building. Build partnerships within the work context.

ESCO source
protect ICT devices

Protect devices and digital content, and understand risks and threats in digital environments. Know about safety and security measures and have due regard to reliability and privacy. Make use of tools and methods which maximise security of ICT devices and information by controlling access, such as passwords, digital signatures, biometry, and protecting systems such as firewall, antivirus, spam filters.

digComp digital
ESCO source
Optional knowledge 21 competences

Occupation specific

0 competences

No competences in this bucket.

Sector-specific

17 competences
C++

The techniques and principles of software development, such as analysis, algorithms, coding, testing and compiling of programming paradigms in C++.

digital
ESCO source
cloud monitoring and reporting

The metrics and alarms utilizing cloud monitoring services, in particular performance and availability metrics.

digital
ESCO source
cloud security and compliance

Cloud security and compliance concepts, including shared responsibility model, cloud access management capabilities, and resources for security support.

digital
ESCO source
cloud technologies

The technologies which enable access to hardware, software, data and services through remote servers and software networks irrespective of their location and architecture.

digital
ESCO source
defence standard procedures

Methods and procedures typical for defence applications such as the NATO Standardization Agreements or STANAGs. Standard definitions of the processes, procedures, terms, and conditions for common military or technical procedures or equipment. Guidelines for capability planners, programme managers and test managers to prescribe the necessary technical standards and profiles to achieve interoperability of Communications and Information Systems.

ESCO source
embedded systems

The computer systems and components with a specialised and autonomous function within a larger system or machine such as embedded systems software architectures, embedded peripherals, design principles and development tools.

digital
ESCO source
ICT encryption

The conversion of electronic data into a format which is readable only by authorized parties who use key encryption techniques, such as Public Key Infrastructure (PKI) and Secure Sockets Layer (SSL).

digital
ESCO source
ICT process quality models

The quality models for ICT services which address the maturity of the processes, the adoption of recommended practices and their definition and institutionalisation that allow the organisation to reliably and sustainably produce required outcomes. It includes models in many ICT areas.

digital
ESCO source
ICT project management methodologies

The methodologies or models for planning, managing and overseeing ICT resources in order to meet specific goals; such methodologies include Waterfall, Incremental, V-Model, Scrum or Agile, and using project management ICT tools.

digital
ESCO source
information security strategy

The plan defined by a company which sets the information security objectives and measures to mitigate risks, define control objectives, establish metrics and benchmarks while complying with legal, internal and contractual requirements.

digital
ESCO source
internet governance

The principles, regulations, norms and programs that shape the evolution and use of the internet, such as internet domain names management, registries and registrars, according to ICANN/IANA regulations and recommendations, IP addresses and names, name servers, DNS, TLDs and aspects of IDNs and DNSSEC.

digital
ESCO source
Internet of Things

The general principles, categories, requirements, limitations and vulnerabilities of smart connected devices (most of them with intended internet connectivity).

digital
ESCO source
lean project management

The lean project management approach is a methodology for planning, managing and overseeing of ICT resources in order to meet specific goals and using project management ICT tools.

digital
ESCO source
Process-based management

The process-based management approach is a methodology for planning, managing and overseeing of ICT resources in order to meet specific goals and using project management ICT tools.

digital
ESCO source
project management

The discipline of project management, the activities which comprise this area and the variables implied in it, such as time, resources, requirements, deadlines, and responding to unexpected events.

ESCO source
Python (computer programming)

The techniques and principles of software development, such as analysis, algorithms, coding, testing and compiling of programming paradigms in Python.

digital
ESCO source
web application security threats

The attacks, vectors and emergent threats on websites, web applications and web services, and the rankings of their severity identified by dedicated communities such as OWASP.

digital
ESCO source

Cross-sector

4 competences
business intelligence

The tools used to transform large amounts of raw data into relevant and helpful business information.

digital
ESCO source
copyright legislation

Legislation describing the protection of the rights of original authors over their work, and how others can use it.

ESCO source
leadership principles

Set of traits and values which guide the actions of a leader with her/his employees and the company and provide direction throughout her/his career. These principles are also an important tool for self-evaluation to identify strengths and weaknesses, and seek self-improvement.

ESCO source
safety engineering

The study of the risks associated with engineered designs and systems, accident prevention as well as the safety benefits of reducing deaths and injuries. The discipline focuses on analysing and mitigating potential hazards in engineering processes.

green
ESCO source
Optional skills and competences 31 competences

Occupation specific

0 competences

No competences in this bucket.

Sector-specific

15 competences
consult with business clients

Communicate with clients of a business or business project in order to introduce new ideas, obtain feedback, and find solutions to problems.

ESCO source
develop information security strategy

Create company strategy related to the safety and security of information in order to maximise information integrity, availability and data privacy.

ESCO source
implement a firewall

Download, install and update a network security system designed to prevent unauthorized access to a private network.

digital
ESCO source
implement a virtual private network

Create an encrypted connection between private networks, such as different local networks of a company, over the internet to ensure that only authorized users can access it and that the data cannot be intercepted.

digital
ESCO source
implement anti-virus software

Download, install and update software to prevent, detect and remove malicious software, such as computer viruses.

digital
ESCO source
implement ICT risk management

Develop and implement procedures for identifying, assessing, treating and mitigating ICT risks, such as hacks or data leaks, according to the company's risk strategy, procedures and policies. Analyse and manage security risks and incidents. Recommend measures to improve digital security strategy.

digital
ESCO source
implement ICT security policies

Implement statements, assertions or rules that specify the appropriate use and protection of the ICT assets and systems of an organisation. These ICT security policies cover topics such as data classification, password management, access control and incident response.

digital
ESCO source
implement spam protection

Install and configure software that helps email users filter messages that contain malware or that are unsolicited.

digital
ESCO source
lead disaster recovery exercises

Head exercises which educate people on what to do in case of an unforeseen disastrous event in the functioning or security of ICT systems, such as on recovery of data, protection of identity and information and which steps to take in order to prevent further problems.

digital
ESCO source
manage changes in ICT system

Plan, realise and monitor system changes and upgrades. Maintain earlier system versions. Revert, if necessary, to a safe older system version.

digital
ESCO source
manage ICT change request process

Specify the incentive for an ICT change request, stating which adjustment in the system needs to be accomplished and execute or supervise the execution of it.

digital
ESCO source
manage IT security compliances

Guide application and fulfilment of relevant industry standards, best practices and legal requirements for information security.

digital
ESCO source
manage keys for data protection

Select appropriate authentication and authorization mechanisms. Design, implement and troubleshoot key management and use. Design and implement a data encryption solution for data at rest and data in transit.

digital
ESCO source
monitor system performance

Measure system reliability and performance before, during and after component integration and during system operation and maintenance. Select and use performance monitoring tools and techniques, such as special software.

digital
ESCO source
optimise choice of ICT solution

Select the appropriate solutions in the field of ICT while taking into account potential risks, benefits and overall impact.

digital
ESCO source

Cross-sector

16 competences
create project specifications

Define the workplan, duration, deliverables, resources and procedures a project has to follow to achieve its goals. Describe project goals, outcomes, results and implementation scenarios.

ESCO source
define quality standards

Define, in collaboration with managers and quality experts, a set of quality standards to ensure compliance with regulations and help achieve customers' requirements.

ESCO source
ensure information security

Ensure that the information gathered during surveillance or investigations remains in the hands of those authorised to receive and use it, and does not fall into enemy or otherwise non-authorised individuals' hands.

ESCO source
ensure proper document management

Guarantee that the tracking and recording standards and rules for document management are followed, such as ensuring that changes are identified, that documents remain readable and that obsolete documents are not used.

ESCO source
give live presentation

Deliver a speech or talk in which a new product, service, idea, or piece of work is demonstrated and explained to an audience.

ESCO source
manage a team

Ensure clear and effective channels of communication across all departments within the organisation and support functions, both internally and externally ensuring that the team is aware of the standards and objectives of the department/business unit. Implement the disciplinary and grievance procedures as required ensuring that a fair and consistent approach to managing performance is consistently achieved. Assist in the recruitment process and manage, train and motivate employees to achieve/exceed their potential using effective performance management techniques. Encourage and develop a team ethic amongst all employees.

ESCO source
manage digital identity

Create and manage one or multiple digital identities, be able to protect one's own reputation, deal with the data that one produces through several digital tools, environments and services.

digComp digital transversal
ESCO source
perform project management

Manage and plan various resources, such as human resources, budget, deadline, results, and quality necessary for a specific project, and monitor the project's progress in order to achieve a specific goal within a set time and budget.

research
ESCO source
perform risk analysis

Identify and assess factors that may jeopardise the success of a project or threaten the organisation's functioning. Implement procedures to avoid or minimise their impact.

ESCO source
perform scientific research

Gain, correct or improve knowledge about phenomena by using scientific methods and techniques, based on empirical or measurable observations.

research
ESCO source
protect personal data and privacy

Protect personal data and privacy in digital environments. Understand how to use and share personally identifiable information while being able to protect oneself and others from damages. Understand that digital services use a “Privacy policy” to inform how personal data is used.

digComp digital
ESCO source
provide information

Ensure quality and correctness of provided information, depending on the type of audience and context.

ESCO source
provide user documentation

Develop and organise the distribution of structured documents to assist people using a particular product or system, such as written or visual information about an application system and how to use it.

ESCO source
remove computer virus or malware from a computer

Carry out actions to remove computer viruses or other types of malware from a computer.

digital
ESCO source
track key performance indicators

Identify the quantifiable measures that a company or industry uses to gauge or compare performance in terms of meeting their operational and strategic goals, using preset performance indicators.

ESCO source
troubleshoot

Identify operating problems, decide what to do about them and report accordingly.

ESCO source