Best way to find first job  

New Member

Any advise on how to find first job in Digital Forensics? I'm finishing up my Masters in DF, and I currently work in Information Security. I'm locate in FL. Any words of advise would be appreciated.

Thank you in advance!

Posted : 12/08/2017 12:36 am
Active Member

Apply. If you're already working in information security and doing an MS in Digital Forensics, you're at least paper qualified. Look for positions where you can get trained and work with someone more experienced.

If you're not already doing hands-on forensics work in your infosec role, start doing forensics on your own devices. Have you done an acquisition of every phone/tablet you own and analyzed it? Have you gotten demos of commercial software and used them? An iPhone can be acquired with iTunes. Android should be acquired with adb. And, Magnet and Belkasoft both have free mobile acquisition tools.

EnCase Imager and FTK Imager are my go-to tools for hard drive acquisitions and they are free. You can live image a Mac easily enough with dd. Load the images into Autopsy/SIFT/Paladin and see what you can find. Then, start checking out all of the individual free tools that are out there for pulling browser history (e.g. NirSoft, Hindsight), Shellbag Explorer, etc.

Check out these two blogs to start with http//, http// The first is Harlan Carvey's. He posts here frequently and wrote some very good forensic books. Both blogs mention a lot of tools you should check out.

Hopefully you're already doing some of the things I mentioned, but take the first thing seriously apply. Learning and experimenting on your own will help you show your interest/passion and help you get up to speed faster when you get hired. But, don't put off trying to get hired.


Posted : 12/08/2017 1:23 am

Do you want to do in-field or in-lab work?

Depending on the lab or agency you may need BLE training. Or current education/experience will be fine if its a non-sworn position.

Look to get a certification to boost you above other candidates. EnCE,FTK cert, CCE.

E-Discovery and Cyber Security Forensics are the corporate side of the field

Posted : 12/08/2017 2:05 am
New Member

Thank you all for your input!

I'm not currently doing forensics at my job. All the experience I have is from school, and some from my own free time analysis.

TBH, at this point, I'm not sure on in-field or lab-work.. as all I have is school experience which would constitute to lab-work. I will look into certs.

Posted : 15/08/2017 11:10 pm