Great Circle Waypoints Blog

When you update your resume, make sure to highlight your incident management experience. That’s something prospective employers will notice, and make your resume stand out from the rest. Be as specific as you can, and use active verbs; if there’s anything special or unusual about your incident process, say so. Don’t forget to talk about post-incident reviews and learning from incidents, too.

Read on for examples of what you might put on your resume. […]

I’m looking forward to the Learning From Incidents Conference (LFIconf) in Denver on 15-16 February 2023. See you there?

[…]

People sometimes ask me, “How do I reopen a closed incident?” The short answer is that you shouldn’t. Open a new incident instead. Here’s why that’s best.

[…]

Incident Commanders serve a crucial role in protecting company operations, so clearly they should be drawn from senior management due to their authority and experience, right? Wrong.

When I see clients whose pool of Incident Commanders is largely made up of senior managers, directors, and even vice presidents, I am simultaneously impressed with their commitment to incident response but worried about their results.

[…]

I'm pleased to announce that I'm again available for consulting engagements, focusing on helping clients develop their incident management capabilities using Slack.  I've spent the past 3+ years at Slack, building a world-class incident management program, which...

There are many roles in high-tech incident response, such as incident commander, tech lead, communications lead, subject matter expert, and so forth. Individuals often fill multiple roles simultaneously, especially in the early stages of an incident; generally, this is OK, and particular roles can be handed off to other individuals as more people join the response. However, in my experience with incident response at Google and elsewhere, having one person trying to act as both the incident commander (IC) and the tech lead (TL) is a recipe for trouble. […]