Skip navigation

Digital Forensics Analysts - 15-1299.06

O*NET-SOC Description

Conduct investigations on computer-based crimes establishing documentary or physical evidence, such as digital media and logs associated with cyber intrusion incidents. Analyze digital evidence and investigate computer security incidents to derive information in support of system and network vulnerability mitigation. Preserve and present computer-related evidence in support of criminal, fraud, counterintelligence, or law enforcement investigations.

Sample of Reported Job Titles

No information available.

SOC Occupation Groups

Related Occupations

No information available.

Tasks

  • Adhere to legal policies and procedures related to handling digital media.
  • Analyze log files or other digital information to identify the perpetrators of network intrusions.
  • Conduct predictive or reactive analyses on security measures to support cyber security initiatives.
  • Create system images or capture network settings from information technology environments to preserve as evidence.
  • Develop plans for investigating alleged computer crimes, violations, or suspicious activity.
  • Develop policies or requirements for data collection, processing, or reporting.
  • Duplicate digital evidence to use for data recovery and analysis procedures.
  • Identify or develop reverse-engineering tools to improve system capabilities or detect vulnerabilities.
  • Maintain cyber defense software or hardware to support responses to cyber incidents.
  • Maintain knowledge of laws, regulations, policies or other issuances pertaining to digital forensics or information privacy.
  • Perform file signature analysis to verify files on storage media or discover potential hidden files.
  • Perform forensic investigations of operating or file systems.
  • Perform web service network traffic analysis or waveform analysis to detect anomalies, such as unusual events or trends.
  • Preserve and maintain digital forensic evidence for analysis.
  • Recommend cyber defense software or hardware to support responses to cyber incidents.
  • Recover data or decrypt seized data.
  • Write and execute scripts to automate tasks, such as parsing large data files.
  • Write cyber defense recommendations, reports, or white papers using research or experience.
  • Write reports, sign affidavits, or give depositions for legal proceedings.
  • Write technical summaries to report findings.

Detailed Work Activities

  • Analyze security of systems, network, or data.
  • Analyze traffic data.
  • Compile technical information or documentation.
  • Develop technical methods or processes.
  • Enter codes or other information into computers.
  • Establish operational policies.
  • Examine records or other types of data to investigate criminal activities.
  • Identify information technology project resource requirements.
  • Maintain computer equipment or software.
  • Maintain knowledge of laws or regulations.
  • Maintain records, documents, or other files.
  • Monitor the security of digital information.
  • Plan production or operational procedures or sequences.
  • Provide recommendations to others about computer hardware.
  • Recommend changes to improve computer or information systems.
  • Record images needed to address work issues.
  • Testify at legal or legislative proceedings.
  • Translate information for others.
  • Write computer programming code.
  • Write reports or evaluations.

Military Crosswalk Titles

  • ADP Systems Security Officer (Navy - Commissioned or Warrant Officer)
  • AOC Information Operations Team Member (Navy - Commissioned Officer only)
  • Basic Offensive Cyber Operator (Navy - Enlisted)
  • Communications Officer (Marine Corps - Commissioned Officer only)
  • Computer Network Capability Development (Navy - Commissioned or Warrant Officer)
  • Computer Network Operations (Navy - Commissioned or Warrant Officer)
  • Cryptologic Cyberspace Analyst (Marine Corps - Enlisted)
  • Cryptologic Cyberspace Operator (Marine Corps - Enlisted)
  • Cryptologic Technician Networks (Navy - Enlisted)
  • Cryptologic Technicians (Collection) (Navy - Enlisted)
  • Cyber Defense Analyst (CDA) - Network (Navy - Enlisted)
  • Cyber Defense Operations Manager (Air Force - Enlisted)
  • Cyber Network Defender (Army - Enlisted)
  • Cyber Network Defense Infrastructure Specialist (CNDIS) (Navy - Enlisted)
  • Cyber Network Operations Officer (Marine Corps - Commissioned Officer only)
  • Cyber RandD Specialist (Navy - Enlisted)
  • Cyber Research and Development Specialist (Navy - Enlisted)
  • Cyber Surety (Air Force - Enlisted)
  • Cyber Surety Apprentice (Air Force - Enlisted)
  • Cyber Surety Craftsman (Air Force - Enlisted)
  • Cyber Surety Helper (Air Force - Enlisted)
  • Cyber Surety Journeyman (Air Force - Enlisted)
  • Cyber Systems Operations (Air Force - Enlisted)
  • Cyber Systems Operations Apprentice (Air Force - Enlisted)
  • Cyber Systems Operations Craftsman (Air Force - Enlisted)
  • Cyber Systems Operations Helper (Air Force - Enlisted)
  • Cyber Systems Operations Journeyman (Air Force - Enlisted)
  • Cyberspace Support Manager (Air Force - Enlisted)
  • Cyberspace Support Superintendent (Air Force - Enlisted)
  • Fusion Analysis Superintendent (Air Force - Enlisted)
  • Information Operations Specialist (Marine Corps - Enlisted)
  • Information Protection Technician (Army - Warrant Officer only)
  • Information Systems Technician (Navy - Enlisted)
  • Information Systems Technician Submarines (Navy - Enlisted)
  • Information Technology Manager Submarines (Navy - Enlisted)
  • Intelligence Tactics Instructor (Marine Corps - Commissioned or Warrant Officer)
  • Marine Air Ground Task Force (MAGTF) Communications Planner (Marine Corps - Commissioned Officer only)
  • Navy Interactive On-Net (ION) Operator (Networks) (Navy - Enlisted)
  • Navy Interactive On-Net (ION) Operator (Unix) (Navy - Enlisted)
  • Navy Interactive On-Net (ION) Operator (Windows) (Navy - Enlisted)
  • Navy Interactive On-Net Operator (Navy - Enlisted)
  • Network Systems Engineering (Army - Commissioned Officer only)
  • Senior Signal Operations (Army - Commissioned Officer only)
  • Signals Analyst (Navy - Enlisted)
  • Signals Intelligence (Air Force - Enlisted)
  • Signals Intelligence Apprentice (Air Force - Enlisted)
  • Signals Intelligence Apprentice, Communications Analyst (Air Force - Enlisted)
  • Signals Intelligence Apprentice, Electronic Non-Communications Analyst (Air Force - Enlisted)
  • Signals Intelligence Craftsman, Communications Analyst (Air Force - Enlisted)
  • Signals Intelligence Craftsman, Electronic Non-Communications Analyst (Air Force - Enlisted)
  • Signals Intelligence Helper (Air Force - Enlisted)
  • Signals Intelligence Helper, Communications Analyst (Air Force - Enlisted)
  • Signals Intelligence Helper, Electronic Non-Communications Analyst (Air Force - Enlisted)
  • Signals Intelligence Journeyman, Communications Analyst (Air Force - Enlisted)
  • Signals Intelligence Journeyman, Electronic Non-Communications Analyst (Air Force - Enlisted)
  • Signals Intelligence/Electronic Warfare/Cyberspace Operations Chief (Marine Corps - Enlisted)
  • Signals Intelligence/Electronic Warfare/Cyberspace Operations Technician (Marine Corps - Enlisted)
  • Special Investigations (Air Force - Commissioned Officer only)
  • Special Investigations (Air Force - Enlisted)
  • Special Investigations Craftsman (Air Force - Enlisted)
  • Special Investigations Helper (Air Force - Enlisted)
  • Special Investigations Journeyman (Air Force - Enlisted)
  • Special Investigations Superintendent (Air Force - Enlisted)
  • Technical Surveillance Countermeasures (TSCM) Specialist (Marine Corps - Enlisted)

Apprenticeship Crosswalk Titles

No information available.

DOT Crosswalk Titles

No information available.