Cyber Crime Investigator Job Profile

What is a Cyber Crime Investigator?

The Cyber Crime Investigator identifies, collects, examines, and preserves evidence using controlled and documented analytical and investigative techniques.

Cyber Crime Investigator must know

  • computer networking concepts and protocols, and network security methodologies.
  • risk management processes (e.g., methods for assessing and mitigating risk).
  • laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • cybersecurity and privacy principles.
  • cyber threats and vulnerabilities.
  • specific operational impacts of cybersecurity lapses.
  • intrusion detection methodologies and techniques for detecting host and network-based intrusions.
  • system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • Insider Threat investigations, reporting, investigative tools and laws/regulations.
  • adversarial tactics, techniques, and procedures.
  • electronic devices (e.g., computer systems/components, access control devices, digital cameras, digital scanners, electronic organizers, hard drives, memory cards, modems, network components, networked appliances, networked home control devices, printers, removable storage devices, telephones, copiers, facsimile machines, etc.).
  • processes for seizing and preserving digital evidence.
  • legal governance related to admissibility (e.g., Rules of Evidence).
  • processes for collecting, packaging, transporting, and storing electronic evidence while maintaining chain of custody.
  • types and collection of persistent data.
  • social dynamics of computer attackers in a global context.
  • electronic evidence law.
  • legal rules of evidence and court procedure.
  • applicable laws, statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures.
  • covert communication techniques.
  • crisis management protocols, processes, and techniques.
  • physical and physiological behaviors that may indicate suspicious or abnormal activity.
  • the judicial process, including the presentation of facts and evidence.
  • applicable statutes, laws, regulations and policies governing cyber targeting and exploitation.
  • application security risks (e.g., Open Web Application Security Project Top 10 list).

Key skills of the Cyber Crime Investigator

  • preserving evidence integrity according to standard operating procedures or national standards.
  • collecting, processing, packaging, transporting, and storing electronic evidence to avoid alteration, loss, physical damage, or destruction of data.
  • using scientific rules and methods to solve problems.
  • evaluating the trustworthiness of the supplier and/or product.

Cyber Crime Investigator must be able to

  • find and navigate the dark web using the TOR network to locate markets and forums.
  • examine digital media on multiple operating system platforms.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.
