+ Reply to Thread
Results 1 to 9 of 9
  1. Senior Member aderon's Avatar
    Join Date
    Jul 2013
    Posts
    365

    Certifications
    B.S. IT - Sec, CCNA Security, CCNA R&S, AWS CSA Associate, CCENT, A+, Net+, Sec+, Proj+, Lin+, LPIC-1, CIW: WFA, CIW: WDS, MTA: OS, MCP
    #1

    Default Looking to enter into the Digital Forensics field (Need Advice)

    I'm going to be graduating with a B.S. in IT (Network Admin) soon and I'm starting to plan my next steps forward. My end goal is to become a digital forensics investigator.

    I'm considering two options. Either,
    A) Spend $10,000 to get a master's in Digital Forensics over a 2 year time span
    or
    B) Spend $5,000 to earn my EnCE cert through one of the boot camps in the time span of a month or so.

    My question is, would a B.S. in IT along with the EnCE be enough to land me an entry level digital forensics position or should I just go straight for the master's? (Note: I'm going to get the master's either way, I'd just like to start my digital forensics career as early as possible)
    Also, do you think the added benefit of landing a job early would be worth the extra $5000 I'd wind up spending by getting the EnCE cert AND the master's as opposed to just the master's?
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Apr 2011
    Location
    Chicago, IL
    Posts
    103

    Certifications
    CISSP, GWAPT, CEH, GCED, CISA, MCP
    #2
    I don't know much about the digital forensics field, but my understanding is that it is very difficult to get into. I believe oftentimes police officers, fbi, etc with a knack for IT end up in digital forensics, rather than IT people going directly into it. That said, work experience is the most important thing, and if you have done the research and believe you could get a job in digital forensics with the EnCE cert, I would go that route, get the work experience, and then augment your qualifications later with the masters degree.
    Reply With Quote Quote  

  4. yzT
    yzT is offline
    Senior Member yzT's Avatar
    Join Date
    May 2013
    Posts
    352

    Certifications
    Security+
    #3
    The answer depends on what do you understand by digital forensics:

    - Police: prior to become a forensics investigator, you need to be a police already for a couple of years.

    - Private companies, banks, etc: if the company is large and deal with important data, likely there is a forensic guy as part of the incident response team. So do not expect this position to be suited for an entry level.

    So, what are your chances?

    - Go for the master's and do a high quality project that make you stand out.
    - Become a policeman.
    - Try to get any other security-related position, like a security analyst, eventually moving to an incident response team and once you're here, specializing in forensics.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Feb 2013
    Posts
    202
    #4
    There are a few job postings for Junior Digital Forensics. It asked for a BS Degree, and some hands-on experience which could be acquired with a boot camp. In my Master's program, I recently finished a forensics course and for the Final Exam, we were required to pass the Access Data ACE Certification, which can be found here: Certifications | AccessData

    That could be something to look at as well. There are a few options that you can choose, but you may be able to snap up a position as an entry level forensics guy (Junior level) and work your way up.
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Jan 2012
    Posts
    450

    Certifications
    CISSP, GSLC, GISP, GSEC, GCED, GCIH, GCIA-g, GPEN, GWAPT, GCFA, CEH
    #5
    If by career advancement in private companies, a huge Security Operation Center with Incident Response to Forensics tied to a Security Operation Center that require a Security Analyst with Forensic Knowledge is a viable option. You can slowly advance from Network Forensic to on site forensic. Another way would be directly to go into managed security services company like FireEye, where they value forensic and reverse malware.

    If by Education Choice and trying to get yourself in a forensic field, you need to have passion, either you top your class in your master or you tied your current education with various certifications and not just one certificate. Fortunately, the forensics field has so many certifications options available that is not specifically limited to one organization. You can to choose from GIAC, EnCase, ISC2 and a few others. My recommendation if you want to do break in forensic really hard, take your master and spend free time traveling around listening to forensic audio lecture and books on public transport. Grab up to 2 forensic related certs with your master, you will stand out among the crowd and thus makes you easy to break into forensic field.
    Last edited by LionelTeo; 04-23-2014 at 01:05 PM.
    Reply With Quote Quote  

  7. Junior Member Registered Member ComputerForensics's Avatar
    Join Date
    Apr 2014
    Location
    Toronto
    Posts
    8
    #6
    the computer is not the instrument of the crime, it may contain evidence of illegalities. As PCs, PDAs and other computer-based devices become pervasive in work and personal lives, it's no surprise they often play a role in illegal behavior.
    Reply With Quote Quote  

  8. this is my clone
    Join Date
    Jan 2014
    Location
    In the wires
    Posts
    333

    Certifications
    CISSP, GSEC, GCIH, MCSE, MCTS, ITIL-F, A+, Net+, Sec+, Linux+, Project+, ACE, CCNA R&S
    #7
    Getting involved with a consulting firm that does digital forensics is a good way to get started. The EnCE isn't bad to have, but it's just that - all based on EnCase. So if you go to an AccessData shop, you'll need to get familiar with FTK and all of their tool suites. AccessData has a nice training package, but again, it probably doesn't make sense to choose one vs. the other until you know what kind of shop you are going into. Also, there's a good chance that the company you get involved with will offer on-the-job training, or will pay for you to attend training.

    I agree with LionelTeo and say get as much independent/free knowledge as you can via webcasts, books, audio lecture, etc. There are some great books out there, such as those by Harlan Carvey, that explain a lot of really in-depth concepts for forensics / IR on a Windows platform. Just remember there is also mobile device forensics, and Linux/Unix forensics, so I think being familiar with the methodology for HOW to perform a forensic analysis trumps 'click this button in the tool and it will index/search for your string/regex'.

    You can also check out ForensicFocus.com for some tips/tricks.
    Reply With Quote Quote  

  9. Senior Member danny069's Avatar
    Join Date
    Nov 2012
    Location
    NYC
    Posts
    999

    Certifications
    A+, Security+, ACMT, CASP, CEH, CCNA R&S, A.S. & B.S. Cyber Security Systems/Digital Forensics, M.S. Cyber Security
    #8
    Definitely look into the Access Data Cert I believe it is free, I looked at the exam and it is no joke, but hey it's free. Real good advice there. My professor recommended it and it will look good on your resume, especially if you can utilize the FTK (Forensics Tool Kit) I am currently doing my Bachelor's Degree in Cyber Security/Digital Forensics. I would do specialized training first instead of a Master's program, since you are going to do the Master's eventually. It will assist you in getting your foot in the door.
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Apr 2013
    Posts
    1,832
    #9
    I have a friend that works in forensics. He wasn't an officer, but all the people he works were. There was an opening in his department and he said I'd be great there as they train you on the job for the forensics specific stuff. The job was filled by a police officer.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks