Debatable. Computer Forensics and Incident Handling/Response is my primary day job and I enjoy it quite a bit. Always looking for more incident to do an analysis and understand an adversary even more.
BTW, just for the record - malware scans do nothing. It's still signature based, and a PHP shell would not be picked up by malware scans if the signatures are not in the malware scanner.