Transitioning from Forensic Science to Digital Forensics

If you scroll down and look at the earliest content on this site you’ll see a couple posts about forensic science. Truth is, when I was seriously considering a career I was hyper focused on becoming a forensic scientist. Either a crime scene tech, state crime lab, or for an forensic science research organization. I knew the job was nothing like the TV shows, and I knew it was tough, not the best pay and not always the most exciting day to day.

However, I found out that breaking into the field was a whole other ball game. The best options were going through the police academy and specializing in forensic science or pursuing a more focused biology/medical background. Neither of those really appealed to me and I already had my Criminology/Forensic Science degree in hand. So what the hell am I supposed to do? I decided to pursue a Master’s, at the very least it’ll help move towards the academic side of the work, right?

Luckily, while in Post-grad I was surrounded by extremely helpful and realistic people. After talking to a few professors and advisors, I realized I was not on a path to get to my dream job and should really consider other options. That was a hell of gut punch, but I really needed it! Then the idea of cybersecurity entered the chat. I always knew about cybersecurity and the wonderful world of Information Technology (IT). I can safely say IT was my hobby I took apart computers, jailbroke phones, and acted as the family IT person. However I was under the impression that you HAD to have a Computer Science degree to even think about working in IT….. well… if you don’t already know, this is absolutely not true. I will defend this to my last days, YOU DO NOT NEED AN INFORMATION TECHNOLOGY DEGREE TO WORK IN INFORMATION TECHNOLOGY. Don’t get me wrong it can help, but its not a requirement and you’ll likely need a lot more experience especially these days.

So after talking with a few of the cybersecurity professors, I was convinced and they told me I should be able to pursue it with my background, no problem. Well…. I am very happy to have the support of those professors but even then I knew I was not ready. If I wanted this I am going to need to work a hell of a lot harder than I did to get my bachelor’s.


How do you break into cybersecurity, when you have basically no experience and already dedicated a portion to your life to an entirely separate industry? For me, it came down to a lot of reading and realizing that learning takes a long time and you may feel like you still know absolutely nothing. I can say it took me at least a full year before I “felt” like I actually knew anything about IT. But here’s the thing, that is perfectly normal and everyone has felt that way. And I mean EVERYONE, from the super smart and savvy person you work with that makes it look easy to the folks who give the most advanced technical talks that make you feel embarrassed to be even considered in the same field.

We all start from nothing and that’s cool!

Me on a random Tuesday

We all approach “breaking into the field” the same way, of course some folks have advantages over others but I hope that it is at least a tiny bit better for everyone now.

So what did I do? Well I decided to try to learn IT from the bottom up, my goal is to reach cybersecurity but at the very least I know there are other IT opportunities I could learn to love. I remember coming across a similar roadmap to the CompTIA one below.×11-online

This basically lists all the different certifications available through this company that you can follow and reach a specific type of job listed on the right. However, instead of going from cert to cert I decided to focus on the topics that each of the certs covered. For example, I started with an A+ certification book and started reading, anytime I came across a word I truly did not know I wrote it down and tried to keep reading. Eventually I had a list of words that I had no idea what they meant. Then I went through the tedious process of looking up each of those words and keeping notes of what each means. There were plenty of topics that I looked up 3, 4, 5 or even 10 different times before it actually made sense. Again, that’s perfectly normal if that happens to you. I also found, looking up things in different formats help. Reading about IP addresses may not “click” in your mind as much as watching a YouTube video (shout out to LTT whose videos really helped make sense of some topics).

Learning is cool and all, but how do I get the job?!? Alright, alright, settle… to get the job was something I honestly wasn’t sure I could achieve. I had to start somewhere, so I looked into it and it appears most folks jumping into IT start at the helpdesk. Help desk can be 20 different job titles but the key words are “Helpdesk”, “IT Technician”, “IT Support”, etc. Basically you work with customers or other employees to fix IT problems. To be honest, it’s rough work… when you work in help desk you are dealing with people who have an issue. People who have technology issues are not always kind in that moment and may not understand why things don’t work. It definitely helps you learn to deal with people which is absolutely vital in any IT role, I think people forget about that. There is a thought that technical work will only involve tech, no people, but that is definitely not the case.

The best IT workers I’ve met, security or not, are good with people and tech, not just tech.

On the flipside, working on the helpdesk is a gauntlet of learning. I guarantee you will come across plenty of issues that don’t have obvious solutions. The feeling you get when things “click” and you know how to fix it, is incredible. That feeling is the reason why I think most people are in this field, the moment of clarity when you know exactly what happened and how to remedy it.

Back to my learning path, while working in helpdesk I was learning left and right on the job but I still made sure to follow my learning pathway by getting books on more specific topics. In addition to that, while in school I was still learning more security related topics. In summary during this time, I was problem solving typical IT at work, studying security topics at school and self studying more deep dives into what the technology is. It was a lot, not sure I can recommend doing all of that once, but can definitely recommend breaking things into topics and categories that flow into each other. Creating a “Learning Path” is very helpful since it keeps you on track and fills in a lot of gaps over time. Honestly, you can use a lot of GIAC certificate topic lists to get a good idea of what you should research yourself. They even have a handy career path just like CompTIA, in fact you can find all kinds by just Googling “IT career path“. However, I didn’t know that back then so this is a rough breakdown of what my self study path looked like:


  1. What is a computer?
  2. What is a network?
  3. How does the internet work?
  4. What’s the difference between a home network and a corporate network?
  5. What is real hacking?
  6. What is C?
  7. What is a programming language?
  8. How do you stop hackers? (You don’t, but you get the idea)
  9. Is it cyber security or cybersecurity? (Still not sure, comment below 🙂 )
  10. What is digital forensics? DFIR? Red Team?
  11. Do I need to know everything about all these topics????

For question 11, I figured out the answer not too long ago. The answer is NO, understanding a topic is different than becoming a worldwide expert on a topic. If someone says they are an expert on everything in IT or even security, you should be extremely suspect. You will never stop learning, my list of questions started with this but it’s probably on question 1337 by this point. Maybe this list will help as a starting place, maybe not but the idea is you keep asking questions and you keep seeking the answers.

What about my job, did I just stay in the helpdesk? No I did not, didn’t you read the title?? My career moved through my next numbered list, note they are not always IT:


  1. Hospital Intern
  2. Security Guard
  3. College Residence Hall Front Desk (not IT)
  4. Help Desk
  5. Jr. IT Security/Compliance
  6. Application Support
  7. Systems Admin
  8. Security Operations Center (SOC)
  9. IT Security Generalist
  10. DFIR Consultant

My path was pretty straightforward but there was definitely some deviations. However, I did make sure to keep my “learning path” the same, I knew I wanted to work in Digital Forensics and Incident Response (DFIR) so I kept working down my learning path until I could at least provide an answer to each of those questions. One of the keys I learned is, if you know what all the words in the job description mean, just apply. Note that I did not say if you meet all the requirements, that can be a topic on it’s own. Ugh. Job descriptions are not a great reflection of the actual job, it doesn’t describe what you will truly be doing day to day. However even getting to the interview point can also be hard, if you need tips please feel free to reach out. Sometimes you just have to play the game to get in the door and let your knowledge and character speak for itself in the interview.

Now that I have the job I realize that my learning path was certainly helpful, but I keep realizing that my career path and all the “deviations” makes me so much better at what I do. So I can’t say the your learning path is more important than you career path, you NEED both, but it doesn’t have the to be a perfect line to the top. On the job learning cannot be beat, as much as you read it is just not the same as what you do on the job. Sometimes its more exciting and sometimes a lot less, but I can assure you job experience is the first thing hiring managers are looking for. That doesn’t mean you can’t showcase your skill in other ways. Here’s a few tips and I encourage anyone else to put any other ideas in the comments:


So am I sad that I’m not a forensic scientist? No, of course not, this was definitely the right move for me. I’ve never felt so passionate about my work before and I do feel like the path here has worked out. I can never take my luck for granted, I don’t discredit my work but luck definitely is a big player. So if you think you need more “luck” please, please, please reach out and I will try my best to help. I can’t guarantee anything, but I can promise to give some form of advice and at the very least someone who will listen to your story. I mean you just listened to mine, it’s the least I could do. Let’s get you where you want to be.

Why did I tell my story? I don’t really know, I hope it helps at least someone out there realize that there is a path out there for you. Also, your first path isn’t always the one you will end up in, and that’s okay in fact sometimes that exactly what you need. There’s my story, hope it helps and expect to see more content around DFIR soon. You are all loved.

Terryn (ChocolateCoat)


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s