# Incident Response Lead

**Company:** [WHOOP](https://hotfix.jobs/companies/whoop)
**Location:** Boston, MA
**Role:** Security Engineering
**Experience:** 7+ years
**Skills:** SIEM, Edr, Mitre Att&Ck, Digital Forensics, Cloud Security, Incident Response, Soc Operations, Threat Detection, GDPR, HIPAA
**Posted:** 2026-03-12

> Lead security incident response as the primary escalation point and incident commander, partnering with SOC and cross-functional teams to investigate, contain, and remediate threats in cloud-native environments.

## Job Description

## Responsibilities
- Lead hands-on incident response activities, serving as the primary internal escalation point for security events
- Serve as the central incident commander across Security, IT, GRC, and Legal during active incidents
- Partner with the SOC to validate alerts, guide investigations, and drive containment and eradication efforts
- Conduct host, cloud, and log-based investigations, and coordinate with external forensic firms when needed
- Maintain and continuously improve incident response playbooks, escalation procedures, and communication workflows
- Lead post-incident reviews and root cause analysis, ensuring remediation actions are clearly defined and tracked
- Develop and execute tabletop exercises and incident simulations to test and strengthen response readiness
- Partner with GRC and Legal to support breach impact assessments and regulatory notification processes
- Drive continuous improvement of detection and response capabilities across SIEM, EDR, cloud monitoring, and identity systems
- Own incident metrics and reporting, including response times, trends, and systemic risk reduction initiatives
- Participate in an on-call escalation rotation to provide after-hours incident leadership when required

## Requirements
- 7+ years of experience in incident response, digital forensics, threat detection, or SOC operations
- Proven experience leading incident investigations in complex, cloud-native environments
- Strong experience conducting host, cloud, and log-based investigations
- Hands-on expertise with SIEM platforms, EDR tools, and cloud security monitoring
- Experience working with external SOC or MDR providers
- Strong understanding of attack frameworks (MITRE ATT&CK) and their application to detection and response
- Experience supporting breach response obligations under GDPR, HIPAA, PCI, or similar regulatory frameworks
- Excellent communication skills with the ability to coordinate cross-functional stakeholders under pressure
- Bachelor’s degree or relevant certifications (GCIH, GCFA, CISSP, or equivalent)

## Similar roles

- [Network Security Engineer](https://hotfix.jobs/jobs/39366c71-c790-48b1-9a61-d52f71b06aed) - Zoox - Foster City, CA - $181k – $218k/yr
- [Senior Software Engineer](https://hotfix.jobs/jobs/2ad28874-4486-42ff-949a-ec54985c2762) - Snowflake - Bellevue, WA - $200k – $288k/yr
- [Software Security Engineering Manager, Secure Frameworks](https://hotfix.jobs/jobs/26e1ecde-76c2-491f-951c-78e9c075c076) - Anthropic - San Francisco, CA - $405k – $485k/yr
- [Founding Security Engineer](https://hotfix.jobs/jobs/6deb6526-e0c3-42a9-9c29-360c4354d869) - Forus - New York, NY
- [Manager, Supply Chain Protection & Loss Intelligence](https://hotfix.jobs/jobs/9e3a84ce-58cf-480f-bf1d-6fefa2cf89bf) - Flexport - Miami, FL

**Apply:** https://hotfix.jobs/jobs/269368b8-9d49-4d6f-be86-f6db6084cca7
**Canonical:** https://hotfix.jobs/jobs/269368b8-9d49-4d6f-be86-f6db6084cca7