Skip to content
WHOOPWHOOPBoston, MA

Incident Response Lead

Lead security incident response as the primary escalation point and incident commander, partnering with SOC and cross-functional teams to investigate, contain, and remediate threats in cloud-native environments.

Salary not listed
On-site7+ YOESecurity Engineering

About the role

Responsibilities

  • Lead hands-on incident response activities, serving as the primary internal escalation point for security events
  • Serve as the central incident commander across Security, IT, GRC, and Legal during active incidents
  • Partner with the SOC to validate alerts, guide investigations, and drive containment and eradication efforts
  • Conduct host, cloud, and log-based investigations, and coordinate with external forensic firms when needed
  • Maintain and continuously improve incident response playbooks, escalation procedures, and communication workflows
  • Lead post-incident reviews and root cause analysis, ensuring remediation actions are clearly defined and tracked
  • Develop and execute tabletop exercises and incident simulations to test and strengthen response readiness
  • Partner with GRC and Legal to support breach impact assessments and regulatory notification processes
  • Drive continuous improvement of detection and response capabilities across SIEM, EDR, cloud monitoring, and identity systems
  • Own incident metrics and reporting, including response times, trends, and systemic risk reduction initiatives
  • Participate in an on-call escalation rotation to provide after-hours incident leadership when required

Requirements

  • 7+ years of experience in incident response, digital forensics, threat detection, or SOC operations
  • Proven experience leading incident investigations in complex, cloud-native environments
  • Strong experience conducting host, cloud, and log-based investigations
  • Hands-on expertise with SIEM platforms, EDR tools, and cloud security monitoring
  • Experience working with external SOC or MDR providers
  • Strong understanding of attack frameworks (MITRE ATT&CK) and their application to detection and response
  • Experience supporting breach response obligations under GDPR, HIPAA, PCI, or similar regulatory frameworks
  • Excellent communication skills with the ability to coordinate cross-functional stakeholders under pressure
  • Bachelor’s degree or relevant certifications (GCIH, GCFA, CISSP, or equivalent)

Skills

SIEMEdrMitre Att&CkDigital ForensicsCloud SecurityIncident ResponseSoc OperationsThreat DetectionGDPRHIPAA
Zoox

Network Security Engineer

ZooxFoster City, CA

Network Security Engineer designing, implementing, and operating secure hybrid/multi-cloud network architectures, next-gen firewalls, ZTNA/VPN, and automation (Terraform/Python) across enterprise, OT, and cloud environments (AWS/GCP). Requires 6+ years experience in network security, firewalls, cloud security, IaC, and compliance (NIST, ISO).

181k – 218k/yr
Hybrid6+ YOESecurity Engineering
Snowflake

Senior Software Engineer

SnowflakeBellevue, WA +1

Senior Software Engineer building Snowflake's core identity, access management, and AI-native security infrastructure for the Data Cloud. Design secure agent workflows, IAM systems, encryption, and policy enforcement tooling at massive scale.

200k – 288k/yr
Hybrid5+ YOESecurity Engineering
Anthropic

Software Security Engineering Manager, Secure Frameworks

AnthropicSan Francisco, CA +1

Lead the Secure Frameworks Research team at Anthropic to build high-leverage security libraries and frameworks (cryptographic, serialization, authorization) that prevent vulnerabilities in AI model development. Manage engineers, drive adoption across teams, and balance security rigor with development velocity; requires 5+ years security/software engineering and 3+ years managing security teams.

405k – 485k/yr
Hybrid8+ YOESecurity Engineering
Forus

Founding Security Engineer

ForusNew York, NY

Founding Security Engineer owning cloud (AWS/GCP), product, AI data, detection/response, and compliance (HIPAA/SOC 2) for a healthcare AI platform handling PHI at scale. Requires 7+ years security engineering on strong SWE foundation, hands-on IaC, and multi-domain expertise.

Salary not listed
On-site7+ YOESecurity Engineering
Flexport

Manager, Supply Chain Protection & Loss Intelligence

FlexportMiami, FL

Manager responsible for global supply chain protection, loss prevention, and physical security programs at Flexport. Oversees 50+ security officers, electronic systems (CCTV/access control), data-driven investigations, policy/SOP authoring, and new facility stand-up across offices and fulfillment centers.

Salary not listed
On-site8+ YOESecurity Engineering