About This Career
Conducts investigations on computer-based crimes establishing documentary or physical evidence, such as digital media and logs associated with cyber intrusion incidents. Analyzes digital evidence and investigates computer security incidents to derive information in support of system and network vulnerability mitigation. Preserves and presents computer-related evidence in support of criminal, fraud, counterintelligence, or law enforcement investigations.
This career is part of the Information Technology cluster Information Support and Services pathway.
A person in this career:
- Adheres to legal policies and procedures related to handling digital media.
- Analyzes log files or other digital information to identify the perpetrators of network intrusions.
- Conducts predictive or reactive analyses on security measures to support cyber security initiatives.
- Creates system images or captures network settings from information technology environments to preserve as evidence.
- Develops plans for investigating alleged computer crimes, violations, or suspicious activity.
- Develops policies or requirements for data collection, processing, or reporting.
- Duplicates digital evidence to use for data recovery and analysis procedures.
- Identifies or develops reverse-engineering tools to improve system capabilities or detect vulnerabilities.
- Maintains cyber defense software or hardware to support responses to cyber incidents.
- Maintains knowledge of laws, regulations, policies or other issuances pertaining to digital forensics or information privacy.