Incident Response Lead

Urban Connect | New York, NY
3d | $185,000 - $200,000 | Remote

About The Position

Our client's mission is to reinvent how modern software teams build, deliver, and operate technology at scale. It's a company driven by innovation, collaboration, and a strong engineering culture, where talented people work together to solve complex challenges and help organizations move faster and more securely. You would be joining a global technology company whose platform supports some of the world's largest enterprises, enabling them to manage, accelerate, and secure their software delivery pipelines from development to production. It's an environment where ambitious professionals can grow quickly, contribute to meaningful work, and be part of a team shaping the future of software delivery.

As the Incident Response Lead, you will be the captain of the front-line defense. You won't just respond to threats; you will build the team and the infrastructure that detects them before they happen. You will lead a group of high-performing engineers to mature our Incident Response program, automate security operations, and partner with R&D and DevOps to ensure our "liquid software" remains secure.

Requirements

  • Deep Technical Roots: 7+ years of industry experience in IR with a focus on Information Security principles.
  • Cloud Mastery: Proven expertise in attack and mitigation methods within complex AWS, GCP, or Azure environments.
  • Incident Response Prowess: Extensive experience in risk prioritization and managing the lifecycle of security incidents in a global production environment.
  • Technical Breadth: Mastery in at least 5 of the following:
      • Endpoint Protection (EDR/XDR) & Zero Trust architecture.
      • Identity Management (IAM/IDM) and SSO/SAML.
      • Security Analytics (SIEM/Logging) such as ELK or Splunk.
      • Container Security (Docker, Kubernetes).
      • Email Protection & Patch Management.
  • Coding Proficiency: Ability to review and guide the development of security tools in Python or Go.
  • Communication: Exceptional ability to translate complex technical risks into actionable business insights for stakeholders.

Responsibilities

  • Incident Commander: Act as the primary escalation point for high-priority security incidents, leading the triage, containment, and post-mortem processes.
  • Drive Automation: Champion "Security as Code" by leading the development of internal tools (Python/Go) to automate monitoring and remediation.
  • Cross-Functional Partnership: Collaborate with SRE, DevOps, and Product teams to drive holistic fixes for systemic architectural vulnerabilities.
  • Evangelize Security: Build a culture of security across the organization through training, documentation, and proactive risk management.

Benefits

  • Open to remote work for candidates outside a reasonable commuting distance to the Atlanta office.
  • This position also includes an equity package of restricted stock units (RSU).
  • In addition, employees are eligible to participate in our Employee Stock Purchase Plan.
  • Comprehensive benefits including medical, dental, vision, retirement, wellness and much more!