Security Incident Response Lead
About The Position
We’re hiring a Security Incident Response Lead to own and evolve Nscale’s incident response capability in a high-scale, AI-native environment. This is a hands-on leadership role focused on leading investigations across infrastructure, enterprise systems, and security events, while driving effective containment, eradication, and recovery. The role operates at the center of incident coordination and partners closely with Detection & Response as well as cross-functional stakeholders including Infrastructure, IT, Legal, and Compliance. You will help shape how Nscale detects and responds to threats by building the processes, tooling, and operational rigor behind the incident response function. This role is critical to strengthening the organization’s security posture and ensuring high-severity events are managed with speed, clarity, and technical depth. This role will be part of the global CISO organization.
Requirements
- 8–12+ years of experience in incident response, security operations, or digital forensics
- Proven experience leading complex, high-severity incident investigations in cloud or distributed environments
- Strong expertise in forensics and investigation techniques across endpoints, cloud, and logs
- Hands-on experience with SIEM, EDR/XDR, and detection tooling
- Familiarity with cloud infrastructure and modern production environments
- Deep understanding of attack techniques, threat actors, and incident lifecycles
- Ability to operate as a technical leader during incidents and make decisions under pressure
- Strong communication skills with the ability to brief leadership and coordinate across teams
Nice To Haves
- Experience in AI infrastructure, high-performance computing, or large-scale distributed systems is a plus
- Familiarity with detection engineering, threat hunting, or building automation for incident response workflows is beneficial
Responsibilities
- Lead end-to-end security incident response across the organization
- Act as the incident commander for high-severity events
- Coordinate cross-functional response efforts with Infrastructure, IT, Legal, and Compliance
- Participate in and help design on-call and escalation rotations
- Conduct and oversee investigations across endpoints, cloud, and infrastructure systems
- Apply digital forensics techniques across logs, endpoints, and cloud environments
- Drive containment, eradication, and recovery efforts for active security incidents
- Contribute to threat hunting and proactive investigations
- Develop and maintain incident response playbooks and runbooks
- Establish escalation frameworks to support effective incident handling
- Lead post-incident reviews and root cause analysis efforts
- Drive long-term remediation actions following incidents
- Partner with Detection & Response teams to improve alerting, triage, and response workflows
- Build and scale incident response tooling and automation
- Enhance case management systems that support investigation and response operations
Benefits
- Highly competitive US compensation package (base + bonus + equity)
- Performance reviews every 12 months
- Dynamic progression plan tailored to your ambitions
- Flexible workplace
- Medical
- Dental
- Vision
- Flexible paid time off
- Parental leave
- Retirement plan participation
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
