Best Recognised Qualification To Gain??


Contribute to the community and build up your resume

Contribute to this forum by helping to moderate and answer questions.

If interested, please contact us at forum@ComputerForensicsWorld.com


JayJay

New Member
Dec 30, 2013
13
0
#1
Hi Guys....

Currently i have been doing IT Support for approx 2 years (started of as a 1st line support and now doing IT Support)

Money is great & so is the job, however i seem to find the job very boring (no real purpose apart from fixing laptops and doing various fixes)

I live in the UK and most of the courses i have found for Computer forensics are Uni based courses. However i dont want to go Uni to study full time and incure a debt of £28000 -.-....

I believe i have a good understanding of computers and currently studying my Comptia Network + & Cloud essentials part time.

I was wondering what would be the best course for me to study or what would be the best qualification to gain to get a job in Computer forensics or a similar field.

Im open to suggestions....

Many thanks

Jay
 

cybercop

Administrator
Oct 31, 2005
1,660
0
#2
Without a degree in computer forensics, a career in computer forensics is extremely unlikely. There are some certifications that will make you more valuable to employers, but anybody with a degree in computer forensics will get the job before you do. Anybody with a degree in computer forensics and various forensics certs will get the job before someone with just a degree. In a nutshell, the more education in forensics you have, the more likely you will meet the qualifications for a job in forensics.
 

JayJay

New Member
Dec 30, 2013
13
0
#3
Hi cybercop,

many thanks for your reply/advise. I guess ill have to find a part time university course :(.. Its a real shame that one requires a degree to get a step into the industry.

Any suggestions for which course i should go for ? Such as a normal computer forensics or something to do with network security etc...

(realised your in the USA so things will be slightly different then the UK :( )

Thanks

Jay
 
Dec 31, 2006
3,405
0
#4
With the competition in the job market a degree is a requirement to make it past HR let alone to get in front of the hiring official.

Additionally forensics is in all but the most rare cases not an entry level field so you will need experience in addition to a degree.

I would recommend a degree in computer science. Take some electives in criminal justice to give yourself some basis and understanding of evidence handling. My experience with CF programs is that they are very immature.

Make sure you work on giving presentations in your classes and in front of groups. Whether you get into forensics or incident response, presenting your findings is a very important skill.
 
Jan 4, 2014
45
6
#5
JJ.
All good advice here. You might want to consider taking an interim step to your goal of getting into forensics. There are a lot more general security jobs that also do forensics then just forensics jobs. Since you are working on the CompTia exams give the Security+ a try. If you find you like the content you may have just found something to keep you employed and enjoying your work.
 

JayJay

New Member
Dec 30, 2013
13
0
#6
Hi all,

Many thanks for your replies.


Sorry does CF stand for? And i see, had a look at the comptia security +, looks quite advance at the moment. Ill take a look at IT security jobs and see what their requirements are ( however most want experience).

Ive been told by one of my tutor at College to just study the material and then go and study CCNA (as it is a more recognised qualification etc)

Well i guess i wont end up working for GCHQ, or the MI5 anytime soon hahaha!

Thanks for your help guys.
 
Dec 31, 2006
3,405
0
#7
InfoSecCow provided some great advice that you consider an interim goal of getting a job in computer security. InfoSecCow's recommendation to look at Security+, which is a starter certificate for those involved in computer security, should also be high on your list of to-dos.

After Security+, the CISSP is recognized as a top certification in security. However if you think Security+ looks difficult the CISSP will be a ways off.

CF = Computer Forensics

The CCNA (Cisco Certified Network Associate) is a great certification for a network engineer. "http://www.cisco.com/web/learning/certifications/associate/ccna/index.html" The CCNA is well recognized because it is not an easy certificate to obtain.

Forensic certifications range from vendor certifications like the EnCE from Guidance Software to the GCFE and GCFA from SANS Institute.

All in all you will need a degree, an entry point into computer jobs (InfoSecCow's suggestions should be high on your list), and then work on getting into forensics once you have the broad base of knowledge you will gain from experience in the workplace.
 

RobC

New Member
Jan 3, 2015
12
0
#9
Training in the UK

<t>Hi Jay<br/>
I am a security professional working in the UK and shock horror I don't have a degree at all. I have over 25 years experience however. 15 plus in Information Security and have recently moved into forensics. <br/>
<br/>
I am about to set up with a chap who has similar experience. Both of us are security architects so come to the field with a perspective different from most. We have years of experience designing and building secure systems. We understand where data is stored where it goes and how it gets there. We understand the composition of systems and the difficulties in securing them. <br/>
<br/>
I have been doing a series of courses with 7safe in Cambridge. They are part of PA Consulting and courses contribute towards a degree should you decide to go that way. <br/>
<br/>
I have completed 2 of the 4 in their Forensics passport and do the malware forensics course next week. They cover quite a bit of material. I have found it useful but stress that if you aren't using the knowledge in your work life retaining the information can be difficult. <br/>
I only did the course to assist me in my architecture role and didn't think I would use it as intended but after doing a couple of jobs for local legal firms we identified a bit of a gap in the market and are going to ease into the market using existing contacts. <br/>
<br/>
Your question about education is a good one and a university degree is a good thing to have if you don't have experience. Thankfully in the UK the focus on an essentially useless bit of paper that usually has no bearing what so ever on the job you are doing isn't so important. Industry qualifications plus experience mean much much more. I have interviewed many and I never look at the university education. It is experience relevant to the job I look for primarily. Having a degree is never a deciding factor.</t>
 

cybercop

Administrator
Oct 31, 2005
1,660
0
#10
I recommend that you be very careful in the contracts you agree to service without a solid foundation in computer forensics. Every time you end up in court testifying you will have an up hill battle at best just proving that you used proper investigative techniques. I have no doubt that you might be very good at information security, however, there is a very large difference between InfoSec and computer forensics. It is very likely that work done in the computer forensics field WILL end up in court. At that point, your lack of formal training in forensics will burn the case to the ground.
 

RobC

New Member
Jan 3, 2015
12
0
#11
I don't disagree that forensics is very different from infosec. Infosec is about managing risk whereas forensics is about finding evidence. Security Architecture is about designing and building secure systems and that requires understanding how to secure the very data you are looking for. Their is still a gap however because you don't often need to look at disks in hex for example and as you pointed out investigative technique is key. This is why the university recogognised course I am doing exists. I am considering completing the degree as well but don't see it as essential in the services I will be offering. Forensics is only a small part of it and I am focussing on civil cases not criminal.
 

cybercop

Administrator
Oct 31, 2005
1,660
0
#12
Civil cases need to be examined with the same care and caution as criminal cases. It is so easy to taint the evidence by making a simple mistake. The first attack you will see from the attorney for the other side is your lack of credentials in forensics. From there on it will be an up hill battle to attempt to prove that everything you did was done properly. The other side will have a fully credentialed investigator and as "the expert" the jury will have to believe them over the guy "that took a class".
 

RobC

New Member
Jan 3, 2015
12
0
#13
You are right that people put a lot of stock in a piece of paper that in reality means little. I have the experience and ample qualifications to back up any evidence I present. You don't know me or my background so don't presume I am not capable or qualified.

The guy asked how to get started in the UK. I gave him the starting point. Yes it is a course but it is well recognized in the uk and contributes to a degree course. So take your snobbish attitude and keep it to yourself.
 

cybercop

Administrator
Oct 31, 2005
1,660
0
#14
I am not attempting to be snobbish. I am simply stating facts. You will go on thinking the way you want to and that is absolutely fine. I sincerely do wish you well. In my experience, your stated lack of formal education is going to be a problem for you. 25 years of InfoSec security experience might be helpful, but it honestly does not translate to computer forensics.

This is a field where what you know is not as important as what you can prove that you know.

Good luck to you and your clients in this.
 

About us

  • Our community began in 2004. Since this time, we have grown to have over 29,000+ members within the DFIR & Cyber Security community.

    We are happy to announce that this forum is now under new ownership with the goal to once again become the main Digital Forensics Forum on the internet for DFIR, OSINT and Cyber Security.

    If you can think of ways to help us improve, please let us know.

    We pride ourselves on offering unbiased, critical discussion among people of all different backgrounds.

    We are working every day to make sure our community is one of the best.

Quick Navigation

User Menu