Being part of any team can be difficult but being part of an incident response team can be more that difficult. The process of finding the right person is just as difficult. There are only a few people that truly possess the technical qualities someone might want on there team. What’s even harder is finding a technical person who can also perform at a high level in a stressful environment. This is the dilemma of finding the perfect mix of capabilities and qualities, either by sacrificing one in hopes of grooming the person or accepting what’s available at the time.
There are 6 key qualifications that are recommended for being on an incident response team.
Experience in running investigations that require different forms of technology
Experience in technical and administrative aspects of forensic examinations
Experience in network traffic analysis in a static and dynamic environment
Knowledge of industry application of applications and technology in an organization
Knowledge of enterprise information technology in a business environment
Knowledge of malicious code and its associated risk associated with its behavior
Though there are many other qualities one may look for in a candidate or would strengthen someone’s hopes of joining a team this would make a great foundation. Generally speaking, a person should also have certain characteristics to help them exceed on a team such as the following.
Attention to detail
Structured and organized problem-solving skills which have shown success
Can be dynamically paired on different teams with minimal conflicts
Can understand how different skillsets can be leveraged and the value in team members strengths