Digital Forensic Analyst Job Description
Digital Forensic Analyst Duties & Responsibilities
To write an effective digital forensic analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included digital forensic analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Digital Forensic Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Digital Forensic Analyst
List any licenses or certifications required by the position: FTK, CFCE, DCITA, ACE, CART, FBI, IAT, GCFE, ENCE, GCFA
Education for Digital Forensic Analyst
Typically a job would require a certain level of education.
Employers hiring for the digital forensic analyst job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and University Degree in Computer Science, Computer, Engineering, Education, Forensics, Mathematics, Criminal Justice, Information Technology, Computer Information Systems, Software Engineering
Skills for Digital Forensic Analyst
Desired skills for digital forensic analyst include:
Desired experience for digital forensic analyst includes:
Digital Forensic Analyst Examples
Digital Forensic Analyst Job Description
- Full-Scope forensic examinations
- File system forensics
- Advanced registry and Internet history analysis
- Steganography detection and analysis
- Large data set analysis and Target language Keyword search
- Forensic tool and script development
- Metadata extraction and analysis
- Network forensics and analysis
- Generating forensic reports of interest to customers
- Coordinate, develop and promulgate forensic and technical exploitation standards for the customer
- Minimum of four (4) years of experience in Information Technology (IT)
- Provide technical support for federated partners, internal customer, and deployed platforms
- Provide global (deployable) Technical Exploitation response capabilities, as required
- Plan, Integrate & Execute full-spectrum technical exploitation plans, exercises, training and operations as required
- 5+ years of experience in a Cybersecurity role, including security operations, threat analyst, malware analyst, or systems administrator
- Experience with using Windows, Linux, and Mac OSX
Digital Forensic Analyst Job Description
- Assists with examinations of digital evidence and assists with the preparation of electronic evidence for litigation
- Establish and maintain excellent working relationships with stakeholders, cybersecurity and infrastructure support teams throughout the Information Technology organization
- Utilizes industry accepted forensic tools such as EnCase, FTK, Blacklight, Cellebrite UFED, and more
- Individual will be responsible for the forensic extraction and analysis of data and electronic evidence from seized digital media
- Minimum 5 years computer forensics experience using Guidance Software EnCase
- Candidate should have a basic understanding of how malware is installed on a system and what logs and windows events signify possible malware injection
- THIS POSITION MAY REQUIRE ROUTINE CONUS TRAVEL AS DICTATED BY INVESTIGATIVE AND OPERATIONAL NECESSITY
- Maintaining security controls and chain of custody of electronic evidence
- Performing analysis of application and system logs
- Writing well written, concise forensic examination reports
- Must have extensive experience in forensic examinations at the enterprise level within the preceding 3 years
- Must have demonstrated experience in and ability to demonstrate the interpretation, processing and translation of file and operating system artifacts across a variety of platforms, expert-level experience in the use of automated forensic tools
- Must also be able to articulate, in detail, the processes being conducted by these automated forensic tools
- Experience in performing digital forensic collections, acquisitions and imaging; comprehension of preservation and spoliation issues relating to electronic evidence is required
- Undergraduate degree in Digital Forensic Science, Computer Science/Engineering, Computer Information Systems, Mathematics, or a related field is also required
- Experience with host-based forensic analysis and techniques
Digital Forensic Analyst Job Description
- Provide Subject Matter Expertise (SME) to the Army CI-Cyber Program Manager for training, standards, policy and equipping of Army CI-Cyber elements worldwide
- Assist with the strategic growth and development of the CI-Cyber Program to include military and civilian elements
- Review national, DoD, and Army regulations, digital forensics community best practices to draft/update standards for physical security, evidence control/processing, and personnel requirements
- Assist with development, preparation and staffing of CI-Cyber policies and directives to include development of Security Classification Guidance for CI Cyber Activities
- Develop and maintain quarterly metrics reporting requirements for Army CI-Cyber elements
- Utilize results to perform trend analysis in support of recommended changes to training and/or budget
- Develop and present or support presentation of briefings to Senior Leaders
- Provide input for the execution of a $7M annual budget and work with the team to ensure execution of the budget to purchase contracts for items utilized by CI-Cyber personnel worldwide
- Participate in DoD level working groups to develop various policies and guidance for utilization, implementation and processes for CI personnel in the cyberspace
- Responsible for ensuring Army equities are identified and taken into consideration during formulation of these policies and guidance
- Knowledge of basic internal protocols, including TCP/IP
- Knowledge of industry standard forensic tools
- Ability to perform network forensics with tools
- Ability to image a variety of system hosts
- Experience with programming or scripting languages, including Perl, Python, or bash
- Experience with using virtual machines
Digital Forensic Analyst Job Description
- Analyses shall provide relevant background data and examination of possible outcomes and second- and third-order effects to support development of relevant and enduring threat mitigation documents
- Perform forensic analysis to preserve and analyse data from diverse set of digital data sources, including laptop and desktop computers, servers, networks and mobile devices
- Perform full scope of incident response process including pre-incident preparation, triage and post-incident computer forensics without destruction of critical data
- Conduct digital forensic investigations across numerous devices to include but not limited to stand-alone computers, laptops, handheld devices and servers
- Conduct enterprise computer security investigations and analysis including computer abuse and attacks/intrusions
- Digital forensics for incident response, malware, spam and some corporate security issues
- Participation in an on-call rotation approximately once every 2 months
- Participation in various information security projects as a forensics representative
- Perform analysis of data collected and report evidence of fact and expert witness testimony
- Communicate to management about lessons learned from root cause analysis so security improvements can be implemented
- Working knowledge of digital forensic investigation techniques
- BS degree in Computer Science, Electrical Engineering or similar
- EnCE certification or extensive experience using EnCase
- 2+ years of computer forensics and information security experience
- 2+ years of software/hardware desktop level 2 support
- Experience working with law firms and insurance companies is a plus but not required
Digital Forensic Analyst Job Description
- Deconstruct and interpret program code, such as .NET framework PowerShell, JavaScript and Python
- Perform (dynamic and behavioral) malware analysis
- Provide technical mentoring and direction for CSOC staff with a view to enhancing the cyber response & investigation capabilities of the organization
- Provide technical advice and guidance to the organization, including expert opinion on matters concerning e-discovery and post incident investigation
- Maintain the knowledge and ability to professionally perform internet or computer related investigations, and the capability to collect and manage digital evidence onsite consistent with both state and federal court requirements
- The ability to collaborate with key stakeholders to include Legal, HR, Internal Audit, Compliance and various Businesses
- Develop procedures and processes to analyze and categorize digital evidence/media
- General knowledge of network security controls and DLP solutions
- Follow industry standard forensic best practices while imaging, preserving, handling and transporting digital data
- Conduct investigative interviews and obtain statements in relation to computer evidence
- ACFE – Certified Fraud Examiner a plus or 2+ years in fraud investigation
- Requires proficiency with forensic practices and procedures and evidence handling
- Must possess proficiency in conducting live analysis on networks, and multiple platforms
- Must have very good working knowledge of cyber threat technical capabilities
- Must have good oral and written communications skills to clearly and concisely document cyber security incident details
- Possess or obtain Computer Network Defense Service Provider (CNDSP) certification if required