So, it is time.
I have been "Security Specialist" for long enough in the private sector (financial industry).
Working %80 forensics, %20 IR-security what title would you ask for in the USA? How about overseas? How about someone who works globally?
@jhup Perhaps you should he proof-read your poll since the "Forensic Investigator" is listed twice ;).
There's all types of forensics disciplines out there. Add computer before the forensics title. People might mistaken you for a forensic accountant since you work in the financial industry. <g> I don't know what a forensic accountant is but I have seen it in job postings.
It was a lunch time special a_kuiper. D I will consolidate the two when I get a chance.
Good point surfandwork. I read a very good forensic accountant's (Tracy Coenen) blog. Amazing stuff.
@jhup Perhaps you should he proof-read your poll since the "Forensic Investigator" is listed twice ;).
Three times I think!
Personally prefer Digital Forensics Analyst
after all computers are not the only item I have to work with
Nick
Perhaps you ought to have a look at a) what your job spec is and b) what you actually do.
We see a lot of work that has been outsourced by police and the companies that do the work typically employ a recent university grad on a basic salary with the title computer forensic investigator/analyst (or similar) and they are clearly neither.
If you simply trawl through a disk, extract all of the indecent images and look through the registry to find supporting evidence of downloads or do eDiscovery and just produce reams of data that others analyse then I would suggest that computer forensic technician might be a good title.
If you try to determine who was sat at the machine and what steps they took to download the material or you find a dodgy java script and then rather than just report its presence you investigate how it works - then investigator might be a better title.
Perhaps you ought to have a look at a) what your job spec is and b) what you actually do.
We see a lot of work that has been outsourced by police and the companies that do the work typically employ a recent university grad on a basic salary with the title computer forensic investigator/analyst (or similar) and they are clearly neither.
If you simply trawl through a disk, extract all of the indecent images and look through the registry to find supporting evidence of downloads or do eDiscovery and just produce reams of data that others analyse then I would suggest that computer forensic technician might be a good title.
If you try to determine who was sat at the machine and what steps they took to download the material or you find a dodgy java script and then rather than just report its presence you investigate how it works - then investigator might be a better title.
HERE HERE !!!!!
To my thinking, the major difference in the job title is either Analyst/Examiner or Investigator. A Forensic Computer Examiner/Analyst limits the scope of what they do to what is contained on the computer system / local network / digital device. Once you start making inquiries outside of that scope, you're an Investigator.
When I first started forensics in 2000 with the police, it was clearly indicated to me that my job was to examine the computers/phones/etc, and investigating was for the detectives. So a Forensic Computer Investigator is essentially a half and half, who does forensics, but also works cases by questioning subjects/suspects or outside parties, conducting surveillance, and so on.
In response to Paul Sanderson's post about whether you analyse a dodgy script and whether that constitutes an investigation, I think that depends on whether you do the analysis in a sandbox or through code analysis, vs if you run the script in the wild and trace its functionality outside of the local system. I know for example that some guys at CERTs follow malicious code output to the drop box systems, and you could certainly classify that as investigative.
Excellent points.
Un- or fortunately, depending on the case, I do not get to just generate data. I do have to investigate and draw conclusions.
The word "digital", I believe is more fitting than "computer" as I have to deal with things that are not computers per se.
So, thanks for all the ideas! I think I will go with digital forensic investigator. It describes my day-to-day role and responsibility fairly well.