Principal Incident Responder

Fluidstack

$120K — $160K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Proven experience leading security incidents from alert to resolution under pressure.
  • Ability to develop detection logic and effective response playbooks for real-world intrusions.
  • Expertise in digital forensics across cloud, endpoint, and network systems.
  • Experience building or significantly enhancing an incident response program from the ground up.
  • Proficiency in proactive threat hunting, identifying missed activities by existing tools.
  • Strong writing skills for clear incident reports and actionable postmortems.
  • Preferably experienced with defending high-value targets against advanced nation-state threats.

Responsibilities

  • Lead end-to-end incident response across multiple environments including corporate and cloud systems.
  • Develop detection mechanisms, response playbooks, and forensic tools tailored to highly targeted technology assets.
  • Conduct investigations that consolidate signals from diverse systems to form a comprehensive attack narrative.
  • Establish the incident response function, including severity models and on-call rotations.
  • Collaborate with security and IT teams to implement permanent improvements based on investigation outcomes.

Benefits

  • Commitment to pay equity and transparency in the recruitment process.
Full Job Description
Role Scope
  • - Lead incident response end to end across corporate, cloud, and data center environments, from detection and containment through eradication and post-incident review.
  • - Build the detection logic, response playbooks, and forensic tooling for an environment where the assets under threat are the most targeted model weights in technology.
  • - Run investigations across a threat surface measured in gigawatts, correlating signals from cloud, endpoint, network, and physical systems into a single picture of an attack.
  • - Stand up the incident response function from the ground up, defining severity models, on-call rotations, and the escalation path to leadership.
  • - Turn each incident into a permanent improvement by partnering with the security and IT teams to close the gaps your investigations surface.
What We're Looking For
  • **The below is a starting point. We always make space for exceptional people, so if you don't fit this role exactly, tell us where you would.**
  • - You've personally led major security incidents from first alert to resolution, making containment calls under pressure with the business watching.
  • - You've built detection logic and response playbooks that caught real intrusions, not just theoretical ones.
  • - You've run digital forensics across cloud, endpoint, and network evidence and reconstructed what an attacker actually did.
  • - You've stood up or substantially rebuilt an incident response program rather than only operating inside someone else's.
  • - You've hunted for threats proactively and found activity that existing tooling missed.
  • - You write incident reports and postmortems clear enough that both engineers and executives act on them.
  • - Bonus: Experience defending high-value targets such as AI labs, financial infrastructure, or critical infrastructure against nation-state threat models. Cloud-native forensics (AWS, GCP). Detection engineering and SIEM or SOAR tooling. Malware analysis or reverse engineering.


We are committed to pay equity and transparency.

You will receive a confirmation email once your application has successfully been accepted. If there is an error with your submission and you did not receive a confirmation email, please email [redacted] with your resume/CV, the role you've applied for, and the date you submitted your application-- someone from our recruiting team will be in touch.

Similar Jobs

More Jobs at Fluidstack

More Information Technology Jobs

Find similar Principal Incident Responder jobs: