8 answers
Joel’s Answer
There are five GIAC certifications related to digital forensics.
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Advanced Smartphone Forensics (GASF)
- GIAC Certified Forensic Examiner (GCFE)
- GIAC Network Forensic Analyst (GNFA)
- GIAC Reverse Engineering Malware (GREM)
Any of these would be beneficial for someone seeking a position in fighting cybercrime.
Joel recommends the following next steps:
Jessica Valentine’s Answer
Hi Armando! Look into the Security+ certification with CompTIA and the CISSP (associate level can be achieved prior to the 5 years of required experience.
Doris’s Answer
Hi Armando,
Here's another link with great info on getting your OSCP.
https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html
Good luck!
KC’s Answer
If you're looking for a role in cyber security, certifications certainly won't hurt. However, companies where security engineers are doing the hiring tend to focus more on practical skills and an understanding how how to assess and address risk. Certifications don't necessarily reflect those skills in practice. In fact, most of the brightest people I know in infosec do not have certifications. By no means am I assuaging you from pursuing that. But many security certs require years of experience, so you run into frequent 'chicken-and-egg' issues. Instead, spend your time interacting with others around your geographical area that are security engineers. If you have a local BSides, OWASP, or DEF CON group, reach out to them to help assess the resources available to you based on your interests. Explore, do, challenge yourself! We need you!
ROBERT’s Answer
I would suggest you look into a law enforcement training track. When we have brushed against actionable crime in business we always need to turn it over to police or FBI to take action. From my interaction with law enforcement you will have much more trust & opportunity if you become an officer or special agent first, then specialize in a unit focused on cybercrime.
ROBERT recommends the following next steps:
Stacy’s Answer
Hello Armando,
Here is a link from the College Board website that can give you a head start about some possible career paths that you can choose from. Definitely, if you want to work for the CIA or FBI, you would be required to get a MA (Master's degree).
Hope this helps you a little to figure out your future endeavors (:
Miguel’s Answer
These are all great recommendations. I would suggest acquiring some foundational knowledge on Computer/Digital Forensics and then finding a certification specific to the forensic tool you will use such as EnCase https://www.opentext.com/products-and-solutions/services/training-and-learning-services/encase-training/examiner-certification. The GIAC certifications are good but quite broad. I found a product specific certification provides more value on the use of the tool and the process it is built for which is aligned with industry best practices.
You can create a test lab to practice with open source tools. Many are available https://www.guru99.com/computer-forensics-tools.html
Mariana’s Answer
Hi Armando, GIAC is definitely a great start, but it's somewhat general and broad. OSCP (Offensive Security Certified Professional), it's hands on, with explanation on techniques. The material will lead you to a lab and prepare you for the exam.
https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
A couple of books that will help you are Practical Malware Analysis. The Rootkit Arsenal. Reversing Secrets of Reverse Engineering.
Mariana recommends the following next steps: