All the latest news on the Qufaro Cyber EPQ

Are you a Firefighter?

Posted on

A firefighter would be working in the Cyber Security Incident Response Team (CSIRT). Any company with an online presence makes it a vulnerable global target to cyber threats with a challenging cyber-attack landscape pursued by an intelligent and evolving enemy.

Incident response (IR) is a structured methodology for handling security incidents, breaches, and cyber threats. A well-defined incident response plan allows you to effectively identify, minimize the damage, and reduce the cost of a cyber attack, while finding and fixing the cause to prevent future attacks.

During a cybersecurity incident, security teams will face many unknowns and a frenzy of activity. In such a hectic environment, they may fail to follow proper incident response procedures to effectively limit the damage. This is important because a security incident can be a high-pressure situation, and your IR team must immediately focus on the critical tasks at hand. Clear thinking and swiftly taking pre-planned incident response steps during a security incident can prevent many unnecessary business impacts and reputational damage.

Links with the CyberEPQ Modules

What does a Firefighter do?

A Fire-fighter is expected to detect and respond to cyber security incidents. As a firefighter you will continually grow your skills and experience. When not responding to incidents, you may be working to build in-house incident response capabilities, which may include; building and developing cyber response tools, authoring and adapting runbooks/playbooks, assessing the incident response maturity, and assisting in table-top cyber scenario exercises.

A firefighters main roles may include running thorough investigations of external cyber threats throughout the incident response (IR) cycle to protect customers, employees and brand. A firefighter may be expected to cross information from different security controls and collaborate with relevant teams and third parties to run analysis which reach accurate findings.

You can help your team perform a complete, rapid and effective response to a cyber security incident by having a comprehensive incident response (IR) plan in place. In addition, completing an incident response plan checklist and developing and deploying an IR policy will help before you have fully developed your IR plan.

The first priority is to prepare in advance by putting a concrete IR plan in place. Your organization should establish and battle-test a plan before a significant attack or data breach occurs. It should address the following response phases as defined by NIST Computer Security Incident Handling Guide (SP 800-61).

What are companies looking for?

UK Earning Potential

Upwards of £35,000 depending on geography, experience and definition *

* source: Indeed March 2020


Luke Voigt, Sept 2018, Incident Response Steps: 6 Tips for Responding to Security Incidents, viewed 11 March 2020

Learn more about the Seven Personae of Cyber

Find us on social media, and start your own conversation with #cyberepq

Our partners, sponsors and supporters

Immersive Labs
Heart of Worcestershire College
University Technical Colleges
City and Guilds
The National Museum of Computing

Sign up to our mailing list for news and updates

Your data will only be used by QUFARO to send you relevant news. Your data will never be shared with third parties unless you provide your consent for us to do so. Your data will be held securely and monitored under EU data protection law. You may unsubscribe at any time using the options provided in-email or by proactively contacting our administration team at [email protected]

© Bletchley Park Qufaro Ltd. Privacy Policy Refund Policy Site by Dgtl