The Digital Forensics Analyst/Investigator performs a variety of highly technical analyses and procedures dealing with the collection, processing, preservation, analysis, and presentation of computer?related evidence, and is responsible for disseminating and reporting cyber?related activities, conducing vulnerability analyses and risk management of computer systems and recovering information from computers and data storage devices. Use forensic tools and investigative methods to find specific electronic data, including Internet use history, word processing documents, images and other files. Proficient in the latest forensic, response, and reverse engineering skills, but is astute in the latest exploit methodologies. Recover information from computers and data storage devices. Use forensic tools and investigative methods to find specific electronic data, including Internet use history, word processing documents, images and other files and information that have been hidden, deleted or lost.
- Hands-on working experience with Encase and/ or FTK digital forensics applications
- Experience within SOC/NOC operations
- Experience providing metrics and reports from a SIEM
- Demonstrated expert-level knowledge of Intrusion Detection
- Demonstrated expert-level knowledge of industry standards and best practices within digital forensics
- Experience with researching and fielding new and innovative technology
- Familiarity with Kill Chain for incident response
- Familiarity with malware analysis
- Demonstrates knowledge of the following security related technologies: IPS, IDS, SIEM, firewalls, DNS, encryption, HIDS, NIDS, proxies, Network Packet Analyzers, malware analysis, forensic tools, and enterprise level appliances;
- Demonstrate expert ability to analyze and identify relationships and trends between incidents in the short term and patterns across incidents in the long term and report trend analysis in quarterly and yearly trend analysis reports;
- Demonstrate expert knowledge of encryption algorithms such as IPSEC, AES and etc.
- Demonstrate expert ability to analyze of file system implementations such as NFTS, EXT and etc.
- Prior experience leveraging common scripting languages (PowerShell, bash, Python) to parse logs, and automate repeatable tasks
- Excellent skills and the ability to communicate effectively with various clients with the ability to explain and elaborate on technical details.
- Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering or equivalent experience
- FOR500
- FOR572
- FOR585
$44K <= $54K <= $63K
$39K <= $49K <= $51K
$45K <= $58K <= $79K
$39K <= $41K <= $71K
£31,624 <= £38,999 <= £49,499
AU$58K <= AU$67,990 <= AU$92K
- https://bitofhex.com/2018/11/07/starting-in-digital-forensics-law-enforcement-edition/
- https://resources.infosecinstitute.com/category/computerforensics/introduction/computer-forensics-interview-questions/#gref