GCIH
GCIH
GIAC Certified Incident Handler
GIAC / SANS
Incident handling credential focused on detecting intrusions, collecting evidence, and coordinating effective response workflows.
● Career
Cybersecurity careers by domain
Explore job families and certification issuers — two ways to map credentials to your path.
Incident Responder
Leads containment, eradication, and recovery during security incidents.
Roles in this job family
Incident Response Analyst
Mid-levelExecutes playbooks, collects artifacts, and documents timelines.
Incident Response Manager
SeniorCoordinates stakeholders, communications, and post-incident reviews.
Related certifications
ECIH
ECIH
EC-Council Certified Incident Handler
EC-Council
Incident response certification for handling breaches, containment, eradication, and recovery with structured IR playbooks.
GCFA
GCFA
GIAC Certified Forensic Analyst
GIAC / SANS
Digital forensics certification covering host and network artifact analysis, timeline reconstruction, and evidence handling.
CySA+
CySA+
CompTIA Cybersecurity Analyst
CompTIA
Analyst-level credential covering threat detection, vulnerability management, and security monitoring operations.
GCIA
GCIA
GIAC Certified Intrusion Analyst
GIAC / SANS
Advanced SOC and intrusion analysis certification for network traffic, IDS/IPS, and attacker technique detection.
GREM
GREM
GIAC Reverse Engineering Malware
GIAC / SANS
Malware analysis and reverse engineering for investigators — static/dynamic analysis, unpacking, and threat intelligence workflows.
SC-200
SC-200
Microsoft Security Operations Analyst
Microsoft
SOC analyst path using Microsoft Sentinel and Defender for threat detection and incident response.
GSEC
GSEC
GIAC Security Essentials
GIAC / SANS
Broad technical security baseline covering networking, IAM, crypto, and defense fundamentals.
GCFE
GCFE
GIAC Certified Forensic Examiner
GIAC / SANS
Windows-focused digital forensics certification for investigators collecting and analyzing endpoint evidence.
CCNP Sec
CCNP Sec
Cisco Certified Network Professional Security
Cisco
Network security professional track covering firewalls, VPNs, identity, automation, and secure network architecture on Cisco stacks.
SecurityX
SecurityX
CompTIA SecurityX
CompTIA
Advanced practitioner certification (CAS-004) for senior security architects — technical depth beyond CASP+ in enterprise environments.
CCFA
CCFA
CrowdStrike Certified Falcon Administrator
CrowdStrike
Validates deployment and administration of the CrowdStrike Falcon platform: sensors, prevention policies, detection tuning, and operational response workflows. Common for SOC and endpoint security teams standardizing on Falcon.
BTL1
BTL1
Blue Team Level 1
Security Blue Team
Practical blue-team certification focused on log analysis, SIEM workflows, and incident triage for SOC analysts.
CSLS
CSLS
Certified Stormshield Log Supervisor
Stormshield
Certification sur Stormshield Log Supervisor (SLS) : collecte de logs SNS, tableaux de bord, rapports, règles d'alarme et investigation SOC. Prérequis CSNA. Complète le parcours défensif Stormshield aux côtés de CSNE.
SSCP
SSCP
Systems Security Certified Practitioner
(ISC)²
Hands-on security operations certification spanning access controls, incident response, and network monitoring.
CHFI
CHFI
Computer Hacking Forensic Investigator
EC-Council
Digital forensics investigation certification for evidence handling and incident analysis.
GASF
GASF
GIAC Advanced Smartphone Forensics
GIAC
GIAC Advanced Smartphone Forensics — professional certification mapped from the Paul Jerimy security certification roadmap.
GBFA
GBFA
GIAC Battlefield Forensics and Acquisition
GIAC
GIAC Battlefield Forensics and Acquisition — professional certification mapped from the Paul Jerimy security certification roadmap.
GCFR
GCFR
GIAC Cloud Forensics Responder
GIAC
GIAC Cloud Forensics Responder — professional certification mapped from the Paul Jerimy security certification roadmap.
GNFA
GNFA
GIAC Network Forensic Analyst
GIAC
GIAC Network Forensic Analyst — professional certification mapped from the Paul Jerimy security certification roadmap.