Principal Incident Responder

Fluidstack

$130K — $180K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years of experience leading major security incidents from detection to resolution.
  • Proven ability to create detection logic and response playbooks based on actual intrusions.
  • Experience in conducting digital forensics across diverse environments, including cloud and endpoints.
  • Demonstrated capability to build or significantly enhance incident response programs from the ground up.
  • Proficiency in proactively hunting for unnoticed threats and documenting findings.
  • Skilled in writing clear incident reports suitable for technical and non-technical audiences.
  • Preferred experience with high-value targets and cloud-native forensics.

Responsibilities

  • Lead end-to-end incident response across corporate, cloud, and data center environments.
  • Develop detection logic, response playbooks, and forensic tools for targeted technology assets.
  • Coordinate investigations on complex threat surfaces, correlating data from various systems.
  • Establish the incident response function, including severity models and escalation processes.
  • Partner with security and IT teams to ensure continuous improvement post-incident.

Benefits

  • Collaborative work environment with innovative projects.
  • Opportunities for professional development and continuous learning.
  • Involvement in a team focused on leading-edge security initiatives.
  • Impactful role within a company that values security across its infrastructure.
Full Job Description
Role Scope
  • - Lead incident response end to end across corporate, cloud, and data center environments, from detection and containment through eradication and post-incident review.
  • - Build the detection logic, response playbooks, and forensic tooling for an environment where the assets under threat are the most targeted model weights in technology.
  • - Run investigations across a threat surface measured in gigawatts, correlating signals from cloud, endpoint, network, and physical systems into a single picture of an attack.
  • - Stand up the incident response function from the ground up, defining severity models, on-call rotations, and the escalation path to leadership.
  • - Turn each incident into a permanent improvement by partnering with the security and IT teams to close the gaps your investigations surface.
What We're Looking For
  • **The below is a starting point. We always make space for exceptional people, so if you don't fit this role exactly, tell us where you would.**
  • - You've personally led major security incidents from first alert to resolution, making containment calls under pressure with the business watching.
  • - You've built detection logic and response playbooks that caught real intrusions, not just theoretical ones.
  • - You've run digital forensics across cloud, endpoint, and network evidence and reconstructed what an attacker actually did.
  • - You've stood up or substantially rebuilt an incident response program rather than only operating inside someone else's.
  • - You've hunted for threats proactively and found activity that existing tooling missed.
  • - You write incident reports and postmortems clear enough that both engineers and executives act on them.
  • - Bonus: Experience defending high-value targets such as AI labs, financial infrastructure, or critical infrastructure against nation-state threat models. Cloud-native forensics (AWS, GCP). Detection engineering and SIEM or SOAR tooling. Malware analysis or reverse engineering.


We are committed to pay equity and transparency.

Similar Jobs

More Jobs at Fluidstack

More Information Technology Jobs

Find similar Principal Incident Responder jobs: