Related Specialties

Arson Investigator Careers and Education
Forensic Accounting
Forensic Nursing Careers
Ballistics Expert Career Guide
Crime Scene Investigator Careers

Home » Specialties » Digital or Computer Forensics Investigator

How to become a digital or computer forensics expert Learn about a forensics career that gets more important every day.

woman examines computer internal drive for clues

What do digital and computer forensic experts do?

Computer and digital forensics is the use of analytical and investigative techniques to identify, collect and examine magnetically stored or encoded evidence.

The job of a computer—also called digital—forensic investigator is to dive into an infected or compromised program or software to learn about a digital breach or a hack. They specialize in recovering data from computers used in criminal or corporate breach investigations. Their primary goal is to help law enforcement investigators recover data and trace the source of the breach. They work closely with police, investigators and law enforcement officials to provide the evidence they’ll need to arrest hackers and cyber criminals.

In This Article

Job duties

The first step in many computer or digital forensics projects is to make an exact duplicate of a hard drive and then run tests on the copy to get as much evidence from it as possible. This often involves retrieving deleted or encrypted documents. Computer forensics experts often find this the most challenging and fun part of their job. They also work on cell phones, tablets and cameras, or any other source of compromised digital information.

Computer forensic experts work in a variety of places including police departments, local and federal government agencies, prosecutors’ offices, law firms, accounting firms, identity protection agencies, banks and other financial institutions and insurance companies. They may also work as contractors and hire their services out to private companies and agencies.

Daily tasks

In a day’s work, they’ll perform such tasks as:

  • Gathering evidence 
  • Recovering and reconstructing data from damaged or erased hard drives 
  • Using forensic software to collect and analyze electronic data 
  • Writing investigative reports 
  • Reporting findings to law enforcement
  • Providing expert testimony about digital evidence 
  • Identifying system vulnerabilities 
  • Evaluating the breadth of a cyberattack

4 steps to become a digital forensic expert

Earn your bachelor’s degree.

man working as tech support on phone

You’ll have some options to consider once you enroll in school. You can earn a bachelor’s in computer science for example and get a broader education in such areas as computer programming, information systems and networks, or you can hone your focus exclusively on cybersecurity essentials such as information security and security systems.

Gain experience.

woman photographs infected computer keyboard

With a bachelor’s degree you can work in an entry-level role that will give you a solid foundation in IT, systems engineering and support services. This experience will come to good use once you complete a master’s program in your chosen digital and computer forensics area of specialty.

Earn your master’s.

digital forensic investigators head to court to testify

Master’s degrees in cybersecurity are becoming more common and this is where you’ll want to study your options, decide which areas of forensics interest you and specialize. Some of the cybersecurity areas to consider are digital forensics, cyber forensics and computer forensics.

Consider professional certification.

man looking at tablet for hacks

You’ll want to continue to advance and grow in your career, so you might want to consider earning a professional certification (or two). Some employers may require you to earn certifications, which may contribute to your value to your company as well as expanding your skillset.

Computer forensics education, certification and licensure

Most computer forensics investigators learn their trade while working for a law enforcement agency, either as a police officer or a civilian computer forensics expert. Some go into law enforcement specifically to get this training and establish a reputation before moving to the private sector.

To get computer forensics training outside of law enforcement, a computer science, cybersecurity or accounting degree is a good place to start. A computer science degree gives you the technical skills needed, and an accounting degree provides good background knowledge for investigating financial fraud. More and more colleges and universities are offering bachelor’s or master’s degrees in computer forensics.

Because of the growing popularity of this field, many schools now offer bootcamps and certificate programs in computer forensics. These short duration, intensely focused programs are for law enforcement officers, paralegals or others already finished with a degree program, working in a related field and/or involved in investigative work.

Professional certifications

Because they work with rapidly evolving technologies, computer forensics experts never stop training. They continually learn about the latest software programs, operating systems and methods of fraud detection by attending conferences and taking additional computer forensics courses. Professional certifications, such as the ones listed below, are also a great way to advance or expand your knowledge once you’re already working in the field.

Some professional certifications to consider include:

  • Certified Computer Examiner (CCE)
  • EnCase Certified Examiner (EnCE)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Certified Forensic Examiner (GCFE)
  • GIAC Network Forensic Analyst (GNFA)
  • Certified information Privacy Professional (CIPP)
  • Computer Hacking Forensic Investigator

There are no licenses specifically for computer forensic investigators, but some states, such as Texas, require them to be licensed private investigators.

What skills should a computer forensics investigator have?

A computer forensic investigator should have thorough knowledge of the law and legalities so they can observe proper evidence custody and control procedures. They should be able to document evidence accurately so that it can be presented at trial.  


Employers look for digital forensic investigators who have knowledge of data analysis, computers, forensic science and legal procedures. There are also specific skills and job-knowledge that a digital forensic investigator needs:

  • Knowledge in investigative process and procedure
  • Understanding of criminal law and cybersecurity
  • Statistics/data and math skills
  • Tech savviness
  • Knowledge of common programming languages
  • Detail-oriented
  • Experience with penetration testing and professional hacking
  • Excellent verbal and written reporting skills 

What types of tools do computer forensic investigators use?

Tools for digital forensic investigators get more sophisticated by the day—and it’s easy to see why. To catch cyber thieves, an investigator’s tools need to be at least as complex and savvy as the cybercriminal’s. According to Lifars Securityscorecard, many of today’s tools are “wrappers” or one toolkit that contains hundreds of technologies with different functions. Though there are hundreds open source and proprietary sets of tools and applications out there, here are just a couple of examples of state-of-the-art applications and tools used on the job:

Autopsy:
Autopsy helps a forensic investigator to gain an understanding of what happened on a phone or computer. There are different modules that can perform a timeline analysis, do hash filtering, recover deleted files and find indications of compromise among other things.
Microsoft COFEE:
COFEE stands for “Computer Online Forensic Evidence Extractor” and it is a forensic kit that extracts evidence from Windows-specific computers. Developed by a former Hong Kong police officer turned Microsoft executive, COFEE acts as an automated forensic tool during a live analysis.
Computer Aided Investigative Environment:
Assists investigators in the four stages of investigation: preservation, collection, examination and analysis.
EnCase:
EnCase is the premiere pioneer tool used in forensic cyber investigations. It helps investigators find evidence to testify in criminal investigation cases involving cybersecurity breaches by recovering evidence and analyzing files on hard drives and mobile devices.

Median annual salaries

According to the 2021 U.S. Bureau of Labor Statistics Occupational Employment Statistics, computer forensics experts working as private investigators and detectives earn a median annual salary of $59,380. Information security analysts on the other hand, earn a healthy $102,600 annually.

If you practice computer forensics for a police department, your salary will depend on your rank and seniority. The median annual salary for police and sheriffs is $64,610, while forensic scientists earned a median annual salary of $61,930.

Here are salaries for information security analysts and forensic scientists by state:

Information Security Analysts

National data

Median Salary: $102,600

Projected job growth: 34.7%

10th Percentile: $61,520

25th Percentile: $79,400

75th Percentile: $131,340

90th Percentile: $165,920

Projected job growth: 34.7%

State data

State Median Salary Bottom 10% Top 10%
Alabama $84,970 $48,190 $162,330
Alaska $79,230 $61,070 $124,260
Arizona $101,570 $61,600 $164,030
Arkansas $98,320 $48,920 $138,820
California $128,970 $77,750 N/A
Colorado $102,390 $60,030 $165,530
Connecticut $99,410 $77,910 $162,940
Delaware $102,410 $77,750 $165,500
District of Columbia $124,550 $95,270 $166,660
Florida $100,690 $60,590 $156,710
Georgia $101,850 $62,110 $161,070
Hawaii $99,420 $62,210 N/A
Idaho $98,320 $48,800 $140,770
Illinois $119,990 $62,970 $155,160
Indiana $80,170 $50,200 $127,590
Iowa $102,080 $59,620 N/A
Kansas $86,210 $54,610 $131,340
Kentucky $79,990 $48,630 $129,220
Louisiana $83,100 $48,780 $136,030
Maine $80,150 $59,620 $120,300
Maryland $124,870 $63,160 $194,700
Massachusetts $101,380 $63,160 $165,730
Michigan $97,980 $46,810 $132,380
Minnesota $101,000 $62,780 $151,770
Mississippi $62,970 $45,880 $102,090
Missouri $95,270 $60,490 $131,040
Montana $79,200 $48,920 $102,350
Nebraska $80,330 $59,290 $128,330
Nevada $82,760 $61,700 $128,920
New Hampshire $102,090 $63,070 $165,730
New Jersey $127,090 $77,750 $167,810
New Mexico $119,990 $62,310 $167,520
New York $127,590 $76,200 N/A
North Carolina $119,980 $64,260 $165,720
North Dakota $80,150 $38,340 $124,550
Ohio $99,040 $57,220 $133,190
Oklahoma $79,860 $48,180 $131,340
Oregon $101,390 $63,160 $162,770
Pennsylvania $98,220 $53,630 $135,410
Rhode Island $99,340 $61,750 $151,760
South Carolina $99,050 $48,770 $131,340
South Dakota $99,040 $77,500 $129,800
Tennessee $82,650 $56,590 $132,260
Texas $100,680 $60,680 $154,880
Utah $98,870 $59,620 $156,660
Vermont N/A N/A N/A
Virginia $126,230 $63,090 $167,930
Washington $127,370 $75,150 $165,730
West Virginia $79,860 $60,680 $131,830
Wisconsin $98,170 $49,040 $131,040

Source: U.S. Bureau of Labor Statistics (BLS) 2021 median salary; projected job growth through 2031. Actual salaries vary depending on location, level of education, years of experience, work environment, and other factors. Salaries may differ even more for those who are self-employed or work part time.

Forensic Science Technicians

National data

Median Salary: $61,930

Projected job growth: 11.4%

10th Percentile: $37,670

25th Percentile: $47,750

75th Percentile: $80,670

90th Percentile: $103,430

Projected job growth: 11.4%

State data

State Median Salary Bottom 10% Top 10%
Alabama $52,640 $36,480 $67,310
Alaska $68,840 $59,680 $101,560
Arizona $63,360 $39,760 $101,360
Arkansas $50,100 $31,140 $60,040
California $81,910 $55,440 $125,310
Colorado $76,870 $50,950 $97,670
Connecticut $78,850 $50,950 $101,060
Florida $50,370 $37,300 $77,590
Georgia $47,750 $32,510 $69,100
Hawaii $64,630 $50,860 $81,910
Idaho $50,100 $39,390 $80,910
Illinois $103,430 $61,490 $104,100
Indiana $61,550 $37,200 $80,910
Iowa $64,760 $50,950 $104,100
Kentucky $46,030 $28,310 $60,040
Louisiana $47,330 $31,510 $81,690
Maine $60,040 $37,320 $72,510
Maryland $62,540 $47,040 $103,900
Massachusetts $81,690 $50,950 $123,860
Michigan $62,730 $37,670 $96,740
Minnesota $78,200 $47,740 $103,850
Mississippi $49,020 $30,630 $63,750
Missouri $58,960 $46,980 $77,980
Montana $63,750 $47,310 $80,910
Nebraska $60,040 $34,000 $76,010
Nevada $64,250 $47,310 $98,820
New Hampshire $77,440 $50,840 $88,250
New Jersey $64,760 $39,430 $82,090
New Mexico $47,870 $23,260 $78,980
New York $80,170 $50,390 $106,360
North Carolina $47,320 $37,300 $63,810
Ohio $64,250 $47,310 $103,900
Oklahoma $49,490 $23,850 $80,670
Oregon $79,580 $47,170 $109,930
Pennsylvania $47,740 $29,120 $76,880
South Carolina $45,850 $36,380 $61,460
South Dakota $39,780 $29,500 $60,040
Tennessee $50,520 $37,550 $82,340
Texas $50,860 $36,610 $81,910
Utah $50,370 $38,650 $64,250
Virginia $60,040 $39,050 $91,770
Washington $75,100 $48,990 $94,540
Wisconsin $58,960 $37,960 $98,750
Wyoming $59,270 $38,910 $80,220

Source: U.S. Bureau of Labor Statistics (BLS) 2021 median salary; projected job growth through 2031. Actual salaries vary depending on location, level of education, years of experience, work environment, and other factors. Salaries may differ even more for those who are self-employed or work part time.

Job growth and outlook

Computer forensics may be a relatively new but well-established field within criminal justice but with more than 1,400 publicly acknowledged data breaches in 2022 alone, and another 400 not publicly reported, the job growth forecast for experienced digital and computer forensic investigators is much stronger than the national average for all other careers.

According to the U.S. Bureau of Labor Statistics information security analysts can anticipate a 34.7% job growth through 2031 compared to the 5% growth for all other careers combined. Add to the fact that some 422 million individuals in the U.S. alone experienced some form of compromised data in 2022, and you can see why digital and computer forensic investigators and experts should experience a healthy job market for the foreseeable future.

Sources: computerforensicsworld.com; U.S. Bureau of Labor Statistics

Written and reported by:

All Criminal Justice Schools Staff

Updated: February 21, 2023