Detect breaches in network security, understand alerts and inform incident response team about system breaches.
Occupational Profile
The primary role of a Cyber Intrusion Analyst is to detect breaches in network security for escalation to incident response or other determined function. An Intrusion Analyst will typically use a range of automated tools to monitor networks in real time, will understand and interpret the alerts that are automatically generated by those tools, including integrating and correlating information from a variety of sources and in different forms and where necessary seek additional information to inform the Analyst’s judgment on whether or not the alert represents a security breach. When an Analyst has decided that a security breach has been detected, he or she will escalate to an incident response team, or other determined action, providing both notification of the breach and evidence with reasoning that supports the judgment that a breach has occurred. An Analyst will typically work as part of a team (or may lead a team) and will interact with external stakeholders, including customers and third party sources of threat and vulnerability intelligence and advice.
Summary of standard
https://www.instituteforapprenticeships.org/apprenticeship-standards/cyber-intrusion-analyst/
Full standard
https://www.instituteforapprenticeships.org/media/1126/cyber_intrusion_analyst.pdf
