Professional development

Degree versus certification: Entry-level cybercrime analyst/investigator

September 12, 2019 by Greg Belding


Cybersecurity is a great career choice for those who have passion for information security and helping others with it. The role of cybercrime analyst takes this passion for information security a bit further and hybridizes it with cybercrime investigation techniques, concepts and practices, making the professional holding the role a formidable force against malicious attackers. 

You may have made it this far in choosing your career, but have you considered how to get to this role the fastest? This role requires either a degree or certification to be hired, but one path may be better for your than the other. 

This article will detail both the degree and certification paths to becoming an entry-level cybercrime analyst/investigator and will conclude with my considered opinion about which path to take.

Cybercrime analyst/investigator

Have you ever wanted to combine information security skills with crime-fighting skills to help organizations deal with the ever-growing menace of cyberthreats? This sort of hybrid dream job is no dream and it is not a grimy gumshoe gig, either. Rather, this cybersecurity specialization draws on these two skill sets to tackle some of the most daunting cybercrime challenges, often where conventional cybersecurity skills fail to prevail. Organizations and their security teams know their cybercrime analyst/investigator is up to the task. 

This role is often referred to by many different names, including:

  • Cybercrime analyst
  • Cybercrime investigator
  • Computer crime analyst/investigator
  • Computer forensics analyst
  • Cyber forensics analyst

One of the best selling points of this role (to those still on the fence) is that the United States Bureau of Labor Statistics has forecast this role to grow by 28% between the years of 2016 and 2026. With statistics like these, you can rest assured that there will be jobs in this role around for years to come.

Degree path

The first path to the threshold of this role’s door is that of the four-year degree. There is no hard-and-fast rule for what degree is required, but of organizations seeking this role, those requiring specific degree levels are as follows:

  • Associate’s (AA) degree/sub-bachelor’s: 7%
  • Bachelor’s degree: 70%
  • Graduate (master’s): 23%

The clear winner here is a bachelor’s degree from a four-year college or university. Organizations have their own individual needs and may require more education for one reason or another, so always check with the organization you are applying to about their specific requirements. 

With this decision all but made for you, the harder one still lies ahead: what should your major be? Even more open-ended than the last decision, there is definitely no hard-and-fast rule for what the degree should be in. Some well-represented degree majors include:

  • Information security/systems
  • Computer science
  • IT
  • Cybersecurity
  • Criminal justice
  • Accounting
  • Forensics
  • Computer forensics


There are a number of certifications available to prove the candidate’s knowledge and skills to organizations hiring for this role. The top three certifications available to the entry-level cybercrime analyst/investigator are presented below.

Certified Computer Forensics Examiner (CCFE)

Hosted by Infosec Institute Certification, this certification certifies tests for knowledge of the hard skills of computer forensics and the soft skills related to relevant legal issues. These exams cover nine domains of knowledge:

  • Law, Ethics and Legal Issues
  • The Investigation Process
  • Computer Forensic Tools
  • Hard Disk Evidence Recovery and Integrity
  • Digital Device Recovery and Integrity
  • File System Forensics
  • Evidence Analysis and Correlation
  • Evidence Recovery of Windows-Based Systems
  • Network and Volatile Memory Forensics
  • Report Writing

This certification does not have a minimum years of experience requirement. Rather, certification candidates just need to have acquired the necessary knowledge.

Certified Mobile Device Examiner (CMDE)

Hosted by the International Association of Computer Investigative Specialists, this is a high-powered certification available to those at the entry level of their cybercrime analyst/investigator career. CMDE certifies knowledge of mobile devices, digital forensics fundamentals, mobile device operating systems and smartphone file systems. 

The certification exam consists of an online written exam administered on the IACIS Moodle website. Exam candidates must earn a minimum score of 80% to pass the second examination, which is in the form of a tool agnostic assessment of a series of mobile artifacts and image files. 

The two exams do not have to be earned in the same sitting if the candidate does not want to, and often, this examination process spans two different days. There is no minimum passing score; instead the certification exam uses a pass/fail approach.

EnCase Certified Examiner (EnCE)

The last recommended certification for the entry-level cybercrime analyst/investigator is Opentext’s EnCase Certified Examiner using the EnCase Forensic tool. EnCE certifies a mastery of computer forensics investigation methodology and proficient practical application of EnCase in complex computer examinations. 

Certification candidates are required to attend 64 hours of authorized computer/digital forensic training, which can be earned online and can be perused ahead of time here


The role of cybercrime analyst/investigator is a great choice for those that have a passion for information security and crime investigation and want to follow them both simultaneously. 

The open-endedness the requirements for this role allows you to reframe the premise of this article with this new set of questions to ask yourself. Do you want to have the most solid chance of earning an entry level cybercrime analyst/investigator role? If so, you should take the bachelor’s degree path, as it is the most asked-for qualification. Do you want to reach this role in the shortest amount of time possible? If you do, buy some study guides, teach yourself the knowledge for at least one of these certifications, and you will have a documentable qualification before those at the end of their first year of the degree path have time to lose the “freshman 15.”



  1. Cybersecurity Career Pathway, CyberSeek
  2. Certified Computer Forensics Examiner (CCFE), Infosec Institute
  4. EnCase Certified Examiner (EnCE) Certification Program, Opentext
Posted: September 12, 2019
Greg Belding
View Profile

Greg is a Veteran IT Professional working in the Healthcare field. He enjoys Information Security, creating Information Defensive Strategy, and writing – both as a Cybersecurity Blogger as well as for fun.