What it’s like being a Cyber Forensics Investigator
By Lyan Ware Contributor
The role of a cyber forensics investigator usually entails providing evidence for legal cases based on what the client needs to be proven or disproven. The work typically involves collecting, processing, analyzing, and preserving digital evidence for criminal cases. You can also expect to provide testimony during depositions, trials, and legal proceedings.
Your day-to-day will likely involve recovering data from junked hardware such as cell phones, hard drives, and other digital storage systems. You will also be using different tools and programs to retrieve and analyze data from emails, deleted or encrypted files, and logging systems. Network analysis is also a responsibility of a cyber forensics investigator.
Some skills you will definitely want to have if you’re considering becoming a cyber forensics investigator include:
- Understanding how to use the different digital forensics investigation models
- In-depth knowledge of data retrieval for several operating systems (Windows, Linux, macOS, Unix, and Android
- Being able to work well under time pressure
You will also need to develop strong communication and cooperation skills, since this role will involve collaborating with law enforcement, lawyers, and other cyber incident responders during ongoing investigations. Possessing good writing skills is another requirement, since you will be presenting your case findings with documentation that will include technical reports and an up-to-date chain of custody for the evidence.
If you think you would find this role exciting and gratifying, some network protocol analyzing resources that would be useful to learn include Wireshark, Autopsy, Volatility, and Sift Workstation.