Director, DFIR

DFIR · Madison, Wisconsin
Department DFIR
Employment Type Full-Time
Minimum Experience Experienced

Position Summary

Directors are technical members of Tetra Defense's data breach, incident response and cybersecurity risk management teams. The primary responsibility of this role will be leading the response effort and team while investigating cyber security incidents including but not limited to ransomware, data breaches, business email compromise, and insider threats.


  • Experience leading incident response teams during complex and emergency situations
  • Experience reviewing and validating work performed by DFIR Associates
  • The ability to create a response plan based on a scoping call for an incident
  • Perform incident response functions including but not limited to host-based analysis functions through investigating Windows, Linux, and Mac OS X systems to identify Indicators of Compromise (IOCs)
  • Provide immediate onsite and remote support for digital forensics, incident response, and litigation support as needed
  • Conduct defensible data acquisitions and analysis
  • Preserve and analyze data from electronic data sources, including laptop and desktop computers, servers, mobile devices, and cloud services (Azure, AWS, etc.)
  • Process collected data in various digital forensic, litigation support, and data analytics tools
  • Produce high quality oral and written work product, presenting complex technical matters clearly and concisely
  • Examine firewall, web, database, and other log sources to identify evidence and artifacts of malicious and compromised activity
  • Provide support on incident response engagements to senior level team members to guide clients through forensic investigations, contain security incidents, and provide guidance on longer-term remediation recommendations
  • Ability to perform light travel requirements as needed to meet business demands (on average 20%) 


  • 3 years experience leading digital forensic and incident response cases
  • Proficient with host-based forensics and data breach response
  • Experienced with IR and forensics tools, such as, Magnet Axiom, EnCase, FTK, X-Ways, SIFT, Splunk, Redline, Volatility, Wireshark, TCPDump, and open source forensic tools
  • Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security or related field is preferred
  • Additional core competencies a plus such as data analytics and/or eDiscovery


  • Collaborative, hard-working, energetic team culture
  • Excellent benefits – Vision, Medical, and Dental
  • Reimbursement for approved outside continuing education and trainings
  • 401K with company match
  • Unlimited PTO/time off policy
  • Bonuses for stellar performance

About Tetra Defense

Originally founded in 2016 as Gillware Digital Forensics, Tetra Defense supports a global network of partners and clients from its offices in Madison and Milwaukee, WI. Since our founding we have grown into one of the most highly respected digital forensics, incident response and cyber risk management firms around. 


There has never been a challenge we haven’t accepted. With a team of former law enforcement, FBI agents, CISOs, IT leaders and the like, we’ve been up close and personal with investigations and incidents of every shape and size.


Early on we knew we were doing things differently than the rest. When our competitors considered a job finished, we saw so much more we could do to help the client. Whether it’s getting a business back up and running after a ransomware attack or mapping out a project plan to help businesses improve their cybersecurity defenses, we always go the extra mile.

Thank You

Your application was submitted successfully.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

  • Location
    Madison, Wisconsin
  • Department
  • Employment Type
  • Minimum Experience