How do they match: Digital Forensics Analysts

  • Information Technology Analyst
  • Information Technology Security Analyst
  • Information Security Analyst
  • Information Security Engineer
  • Information Security Manager

  • Conduct investigations on computer-based crimes establishing documentary or physical evidence, such as digital media and logs associated with cyber intrusion incidents. Analyze digital evidence and investigate computer security incidents to derive information in support of system and network vulnerability mitigation. Preserve and present computer-related evidence in support of criminal, fraud, counterintelligence, or law enforcement investigations.

  • Analyze log files or other digital information to identify the perpetrators of network intrusions.
  • Create system images or capture network settings from information technology environments to preserve as evidence.
  • Duplicate digital evidence to use for data recovery and analysis procedures.
  • Maintain knowledge of laws, regulations, policies or other issuances pertaining to digital forensics or information privacy.
  • Perform web service network traffic analysis or waveform analysis to detect anomalies, such as unusual events or trends.
  • Write cyber defense recommendations, reports, or white papers using research or experience.

  • Compile technical information or documentation.
  • Enter codes or other information into computers.
  • Identify information technology project resource requirements.
  • Monitor the security of digital information.
  • Recommend changes to improve computer or information systems.
  • Translate information for others.
  • Write computer programming code.