Digital forensics is a branch of forensic science that focuses on identifying, acquiring, processing, analyzing, and reporting on data stored electronically. Electronic evidence is a component of almost all criminal activities and digital forensics support is crucial for law enforcement investigations. This role may unofficially or alternatively be called a Computer Forensic Analyst.
The job description of a Digital Forensics can include the following:
- Conduct analysis of log files, evidence, and other information to determine the best methods for identifying the perpetrator(s) of a network intrusion.
- Confirm what is known about an intrusion and discover new information, if possible, after identifying intrusion via dynamic analysis.
- Provide a technical summary of findings in accordance with established reporting procedures.
- Examine recovered data for information of relevance to the issue at hand.
- Perform file signature analysis.
- Perform file system forensic analysis.
- Collect and analyze intrusion artifacts (e.g., source code, malware, and system configuration) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
- Degree in Computer Science, Information Technology, Cyber Security, or a related field.
- Advanced knowledge of digital storage methods, operating systems, programming, hacking techniques, and malware.
- Practical experience using computer operating systems such as MS Windows, UNIX/Linux.
- An analytical mind with the ability to make sense of many different data inputs.
- Organized, efficient and able to work unsupervised under your own initiative.
- Exceptional written and verbal communication skills.
Attention to detail.