Professional's Perspective

A snapshot look at the IT forensics profession from the perspective of Rob Lee, an IT forensics expert at Mandiant.

Name: Rob Lee

Title: Director and IT forensics expert at Mandiant, a Washington-based information security software and services firm

Related work: Curriculum lead for digital forensics training at the SANS Institute.

30-second résumé: Before joining Mandiant, Lee served as the technical lead for a vulnerability discovery and exploit development team that worked for a variety of law enforcement, government and intelligence agencies.

He is a graduate of the U.S. Air Force Academy and a founding member of the USAF's Information Warfare Squadron, the first U.S. military operational unit focused on information operations.

Skills boost: To stay current, Lee does hands-on work in the field and is an avid reader of and contributor to information security journals and blogs.

A passion to learn and to continue learning -- rather than a formal computer science degree or security certification -- is the top requirement for an IT forensics expert, says Lee, who also teaches SANS certification classes. He also recommends specializing in a particular area of computer forensics.

"If you're choosing forensics, be a specialist in firewalls or hacking or mobile devices," Lee says. "Mobile devices alone are extremely complex and constantly changing.

"If you're just beginning, classes are the way to go," he advises. "After that, you can continue to learn online. The best thing you can do once you attain a certain level [of expertise] is give of yourself back to the community. Choose something you don't think anyone else has [expertise in] and research that. Always do research and publish it."

Next: Opinion: Web 2.0 security depends on users

Related:

Copyright © 2009 IDG Communications, Inc.

  
Shop Tech Products at Amazon