Newbie: Suggestions on "Building a career path towards Forensics".

XqzitXqzit Registered Users Posts: 3 ■□□□□□□□□□
Hello,

I know there are a lot of threads and some of them may contain the answers to my question, but the more I read, the trickier it gets for me to select a path/course. So I'd appreciate any help from you guys.

Long-term goal: Forensics Expert.

Cert's I have / pursuing : A+, N+, Server +, Operating system (windows), Exchange server, Security+, CCNA.

Question:
  1. What are the Cert's needed and the order in which I need to take 'em? Please mention the experience or other criteria's required for each certs and the time for each certs.
  2. What is the starting position in my job and how can I work my way up? experience and other details.
  3. Estimated years (time) to accomplish my goal for a average person.
  4. Any other suggestions would be helpful too.
TYVM

Comments

  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    I'd look into some GIAC certs. Probably start with GCIH.
  • XqzitXqzit Registered Users Posts: 3 ■□□□□□□□□□
    Well, thank you for your reply.

    But it doesn't answer all my questions.. it's kind of vague. Anyway, appreciate the help.
  • LionelTeoLionelTeo Member Posts: 526 ■■■■■■□□□□
    1. What are the Cert's needed and the order in which I need to take 'em? Please mention the experience or other criteria's required for each certs and the time for each certs.

    I would suggest making use of the overlapping content between CEH and GCIH to gain a foothold in GIAC certs. GCIH is a small milestone to forensics.

    So the path should be.

    CEH -> GCIH -> GCFE -> GCFA -> GREM.

    Another way would be to collect enough qualifications to get into a good company that sends you for these courses.
    2. What is the starting position in my job and how can I work my way up? experience and other details.
    3. Estimated years (time) to accomplish my goal for a average person.

    A few ways: you can aim to get in as a SOC Analyst first by working towards analyst certs like GCIA and GCIH, as they have the highest headcount requirement and thus it's easier to break into security this way.
    Another way is to ask for an internal transfer from your company. You can move from networking or helpdesk into security.

    Ideally you would want to express your interest in IT Security through your resume by getting some relevant IT Security Certs, so you would fall into secondary consideration in the interviewing process and get selected when they run out of primary selection.

    From a SOC environment as a SOC analyst, it is then easier to move to another SOC with forensics integrated, and thus you would require GCIH, GCIA and GCFA/E by then. (GCIH and GCIA at a minimum with some SOC experience).

    From there, you can request to move to the forensic team as your career progresses. Ideal time will take 4-6 years.
    4. Any other suggestions would be helpful too.

    Self Study while traveling on public or listening to podcast if your hands/eyes are not free helps. Learn from different sources such as from books and not just work experience only.
  • philz1982philz1982 Member Posts: 978
    So as usual, I have a completely different spin on things.

    My Dad is a partner at a major IP legal firm. He says finding Forensics folks is a friggin beating. Most of them suck, and can't speak in front of a court room to save their lives.

    He said, if they find a good Forensics guy they keep them on retainer at $300/hr because a forensics guy can literally make or break an IP case.

    So, where the heck am I going with this? Hook up with a smaller IP firm, work under a lead forensics consultant doing all their grunt work and then open your own consulting shop. Like anything in IT, there are a ton of people who do things, and very few who do things well....

    Cert's are nice, but if you want to go the court route, past case experience and publishing experience in trade journals works well.

    In the book the four hour work week, the author lays out a plan to become a perceived expert in anything. It involves publishing articles, signing up to speak on the news as an SME, and then broadcasting your expertise via social media. Do that and you're set.

    I could be totally reading your post wrong, if you want to go the LEO route....
  • the_Grinchthe_Grinch Member Posts: 4,164 ■■■■■■■■■■
    I would suggest some courses in public speaking and writing be taken as well. Documentation is a huge factor when it comes to forensics, and when on the stand you will be talking to people who might not have an understanding of technology. Experience is really the big key here, and certification-wise you should look towards the major software used by professionals in the field, i.e. EnCase and FTK.
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,665 Admin
    Xqzit wrote: »
    Long-term goal: Forensics Expert.
    What is your idea of a "forensic expert?" Where do you see yourself working and doing what? Are there any job postings that you've found that describe your ultimate goal?
  • XqzitXqzit Registered Users Posts: 3 ■□□□□□□□□□
    JDMurray wrote: »
    What is your idea of a "forensic expert?" Where do you see yourself working and doing what? Are there any job postings that you've found that describe your ultimate goal?
    My idea of "Forensic expert" is vague so bear with me - I think it's someone who investigates or analyzes security breaches.

    I have no idea as to where I'll be working and doing what. But this is what I think I'm looking for.... something to do with Cybersecurity (government) doing some hacking and cool stuffs that I have seen on TV (I don't know if there is any post of that kind LOL). I don't know what post I need to aim for coz there are so many stuff I read on the internet and still haven't got a clue. Suggestions?