Lead security incident response as the primary escalation point and incident commander, partnering with SOC and cross-functional teams to investigate, contain, and remediate threats in cloud-native environments.
Salary not listed
On-site7+ YOESecurity Engineering
About the role
Responsibilities
Lead hands-on incident response activities, serving as the primary internal escalation point for security events
Serve as the central incident commander across Security, IT, GRC, and Legal during active incidents
Partner with the SOC to validate alerts, guide investigations, and drive containment and eradication efforts
Conduct host, cloud, and log-based investigations, and coordinate with external forensic firms when needed
Maintain and continuously improve incident response playbooks, escalation procedures, and communication workflows
Lead post-incident reviews and root cause analysis, ensuring remediation actions are clearly defined and tracked
Develop and execute tabletop exercises and incident simulations to test and strengthen response readiness
Partner with GRC and Legal to support breach impact assessments and regulatory notification processes
Drive continuous improvement of detection and response capabilities across SIEM, EDR, cloud monitoring, and identity systems
Own incident metrics and reporting, including response times, trends, and systemic risk reduction initiatives
Participate in an on-call escalation rotation to provide after-hours incident leadership when required
Requirements
7+ years of experience in incident response, digital forensics, threat detection, or SOC operations
Proven experience leading incident investigations in complex, cloud-native environments
Strong experience conducting host, cloud, and log-based investigations
Hands-on expertise with SIEM platforms, EDR tools, and cloud security monitoring
Experience working with external SOC or MDR providers
Strong understanding of attack frameworks (MITRE ATT&CK) and their application to detection and response
Experience supporting breach response obligations under GDPR, HIPAA, PCI, or similar regulatory frameworks
Excellent communication skills with the ability to coordinate cross-functional stakeholders under pressure
Bachelor’s degree or relevant certifications (GCIH, GCFA, CISSP, or equivalent)
Network Security Engineer designing, implementing, and operating secure hybrid/multi-cloud network architectures, next-gen firewalls, ZTNA/VPN, and automation (Terraform/Python) across enterprise, OT, and cloud environments (AWS/GCP). Requires 6+ years experience in network security, firewalls, cloud security, IaC, and compliance (NIST, ISO).
181k – 218k/yr
Hybrid6+ YOESecurity Engineering
Senior Software Engineer
SnowflakeBellevue, WA +1
Senior Software Engineer building Snowflake's core identity, access management, and AI-native security infrastructure for the Data Cloud. Design secure agent workflows, IAM systems, encryption, and policy enforcement tooling at massive scale.
Lead the Secure Frameworks Research team at Anthropic to build high-leverage security libraries and frameworks (cryptographic, serialization, authorization) that prevent vulnerabilities in AI model development. Manage engineers, drive adoption across teams, and balance security rigor with development velocity; requires 5+ years security/software engineering and 3+ years managing security teams.
405k – 485k/yr
Hybrid8+ YOESecurity Engineering
Founding Security Engineer
ForusNew York, NY
Founding Security Engineer owning cloud (AWS/GCP), product, AI data, detection/response, and compliance (HIPAA/SOC 2) for a healthcare AI platform handling PHI at scale. Requires 7+ years security engineering on strong SWE foundation, hands-on IaC, and multi-domain expertise.
Salary not listed
On-site7+ YOESecurity Engineering
Manager, Supply Chain Protection & Loss Intelligence
FlexportMiami, FL
Manager responsible for global supply chain protection, loss prevention, and physical security programs at Flexport. Oversees 50+ security officers, electronic systems (CCTV/access control), data-driven investigations, policy/SOP authoring, and new facility stand-up across offices and fulfillment centers.