Profession digital forensics expert

Digital forensics experts retrieve and analyse information from computers and other types of data storage devices. They examine digital media that may have been hidden, encrypted or damaged, in a forensic manner with the aim to identify, preserve, recover, analyse and present facts and opinions about the digital information.

Would you like to know what kind of career and professions suit you best? Take our free Holland code career test and find out.

Personality Type

  • Conventional / Investigative

Knowledge

  • Query languages

    The field of standardised computer languages for retrieval of information from a database and of documents containing the needed information.

  • Penetration testing tool

    The specialised ICT tools which test security weaknesses of the system for potentially unauthorised access to system information such as Metasploit, Burp suite and Webinspect.

  • Resource description framework query language

    The query languages such as SPARQL which are used to retrieve and manipulate data stored in Resource Description Framework format (RDF).

  • Computer forensics

    The process of examining and recovering digital data from sources for legal evidence and crime investigation.

  • ICT security standards

    The standards regarding ICT security such as ISO and the techniques required to ensure compliance of the organisation with them.

  • Information confidentiality

    The mechanisms and regulations which allow for selective access control and guarantee that only authorised parties (people, processes, systems and devices) have access to data, the way to comply with confidential information and the risks of non-compliance.

  • ICT network security risks

    The security risk factors, such as hardware and software components, devices, interfaces and policies in ICT networks, risk assessment techniques that can be applied to assess the severity and the consequences of security threats and contingency plans for each security risk factor.

Skills

  • Use scripting programming

    Utilise specialised ICT tools to create computer code that is interpreted by the corresponding run-time environments in order to extend applications and automate common computer operations. Use programming languages which support this method such as Unix Shell scripts, JavaScript, Python and Ruby.

  • Implement ICT network diagnostic tools

    Use software tools or components that monitor ICT network parameters, such as performance and throughput, provide data and statistics, diagnose errors, failures or bottlenecks and support decision making.

  • Secure sensitive customer's information

    Select and apply security measures and regulations related to sensitive customer information with the aim of protecting their privacy.

  • Develop information security strategy

    Create company strategy related to the safety and security of information in order to maximise information integrity, availability and data privacy.

  • Provide ICT consulting advice

    Advise on appropriate solutions in the field of ICT by selecting alternatives and optimising decisions while taking into account potential risks, benefits and overall impact to professional customers.

  • Perform forensic preservations of digital devices

    Preserve integrity of ICT devices, such as laptops, desktops and other digital media, by storing them physically and using software such as PTK Forensics and EnCase to retrieve, store and trace digital information in a legal manner so that they can be used as evidence at an appropriate time.

  • Manage data for legal matters

    Collect, organise and prepare data for analysis and review during investigation, regulatory filings and other legal processes.

  • Gather data for forensic purposes

    Collect protected, fragmented or corrupted data and other online communication. Document and present findings from this process.

  • Manage IT security compliances

    Guide application and fulfillment of relevant industry standards, best practices and legal requirements for information security.

  • Educate on data confidentiality

    Share information with and instruct users in the risks involved with data, especially risks to the confidentiality, integrity, or availability of data. Educate them on how to ensure data protection.

  • Use software for data preservation

    Utilise specialised applications and software to collect and preserve digital information.

  • Perform security vulnerability assessments

    Execute types of security testing, such as network penetration testing, wireless testing, code reviews, wireless and/or firewall assessments in accordance with industry-accepted methods and protocols to identify and analyse potential vulnerabilities.

  • Identify ICT security risks

    Apply methods and techniques to identify potential security threats, security breaches and risk factors using ICT tools for surveying ICT systems, analysing risks, vulnerabilities and threats and evaluating contingency plans.

Optional knowledge and skills

xquery design computer network ict security legislation ict encryption information security strategy hardware architectures data storage perform data mining nexpose whitehat sentinel hardware platforms linq sparql n1ql information architecture use different communication channels legal requirements of ict products mdx ldap cloud technologies nessus

Common job titles

  • Computer forensic examiner i
  • Digital forensics response analyst
  • Security analyst - digital forensics
  • Forensic computer analyst
  • Forensic computer analyst
  • Digital forensics incident response (dfir) analyst
  • Digital forensics analyst
  • Forensics and investigations analyst
  • Cyber intel analyst
  • Forensic scientist