As a forensic computer analyst, you’ll investigate computer-related crime (also known as cybercrime) that can include data breaches, security incidents and other online criminal activities.
You’ll use a range of specialized software and other techniques to secure, retrieve and analyze data linked to a range of illegal activities including:
- hacking
- network intrusions
- online scams and fraud
- political, industrial and commercial espionage
- terrorist communications
- the use of illegal images
- theft of confidential information.
You will investigate a range of crimes where the computer can either be the object of the crime, for example when criminals carry out hacking or spamming, or where it is used to commit a crime, such as online hate crimes or the possession of illegal pornography. It can also be used for illegal communication and data storage.
Your investigations can centre on data stored on a range of devices, including personal or work computers, tablets, mobile phones, the cloud and flash drives.
You could be working for the police or other law enforcement agencies, for a specialist computer forensic company or investigative team, or large companies such as banks.
Responsibilities
As a forensic computer analyst, you’ll need to:
- secure a system or device so it can’t be tampered with
- use a range of forensic tools and software to extract and analyse data
- deal with highly sensitive or confidential data or images, depending on the type of case you’re investigating
- recover damaged or deleted data or access hidden, protected or encrypted files
- unlock digital images that are locked to hide the identity of a place or person
- examine data from mobile phones and satellite navigation systems to trace people or places
- follow electronic data trails to reveal links or communication between individual or groups
- collect information and evidence in a legally admissible way
- write technical reports based on your findings and, if required, give evidence in court as an expert witness
- present findings of on-going incidents to other members in the investigation team, law enforcement agencies and clients
- keep up to date with evolving cybercrime methods and developments within the digital forensics field
- undergo security checks and vetting procedures
- work to relevant ISO accreditations.
