A person who provides a rapid initial response to any IT incident or event that may require further investigation. Examples of such events include security threats, cyber-attacks and other illegal activities.
Sources:
NISTIR 8006