This is a list of certifications I’ve seen requested in online Digital Forensics and Incident Response job postings in the US for junior/associate roles. For more information about the different roles within DFIR, see the resources on Getting Into the DFIR Field. It’s best to research job postings for the type of role you want to see what the most requested certifications are.
I’ve seen these certifications requested only for Incident Response roles that involve digital forensics:
- CompTIA: Security+ (This is the minimum certification requirement I’ve seen for some Incident Response Analyst jobs)
- CompTIA: CySA+ (Cybersecurity Analyst)
- Cisco: CCNA Cyber Ops
- EC-Council: Certified Ethical Hacker (CEH)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Network Forensic Analyst (GNFA)
- GIAC Reverse Engineering Malware (GREM)
I’ve seen these certifications requested in both Digital Forensics (law enforcement/specialist) and Incident Response roles that involve digital forensics:
- EC-Council: Certified Forensic Hacking Investigator (CHFI)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Forensic Examiner (GCFE)
- EnCase Certified Examiner (EnCE)
- Certified Computer Examiner (CCE)
- Certified Forensic Computer Examiner (CFCE)
Several of the certifications listed above are part of the DoD Approved 8570 Baseline Certifications.
Other Worthwhile DFIR Certifications
There are also certifications that may not be as popular with employers but are practical, hands-on certifications (which in my opinion should be requested by employers). They all include training. Here is a partial list:
- Cyber 5W Certified Digital Forensic Analyst (CCDFA)
- 13Cubed Certified: Investigating Windows Endpoints
- 13Cubed Certified: Investigating Windows Memory
- Hack The Box Certified Defensive Security Analyst (HTB CDSA)
- CyberDefenders: Certified CyberDefender (CCD)
- C5W Certified Malware Analyst (CCMA)
For the full list, check out DFIR, OSINT, and Blue Team certifications with training included for under $1,000.
AboutDFIR also has a large list of certifications and training.