Principal Incident Responder

Job Title: Principal Incident Responder
Location: San Francisco, CA or NYC, NY (Hybrid)
Compensation: Up to $370K + Equity

About the Role
A rapidly growing AI infrastructure company is seeking a Principal Incident Responder to help build and lead Detection & Response Engineering across critical infrastructure environments.

The ideal candidate will bring deep expertise in incident command, operational readiness, and cross-functional crisis management while helping shape the future of agent-first incident response capabilities.

What You’ll Do

• Lead material incidents as incident commander across detection, response, physical security, infrastructure operations, legal, communications, and customer stakeholders
• Build and scale the incident response program, including runbook standards, severity classifications, evidence methodologies, and post-incident review processes
• Define escalation criteria and operational workflows between AI-driven systems and human responders
• Design and operate senior-level incident response on-call processes, including escalation chains and response SLAs
• Analyze incident trends and recurring risks to drive improvements across detection, response, and infrastructure programs
• Drive cross-functional remediation efforts and ensure operational follow-through after major incidents
• Define and report on key incident response program metrics to security and engineering leadership
• Lead tabletop exercises, crisis simulations, and readiness initiatives across technical and executive stakeholders
• Support regulatory, audit, and customer-facing incident communications as needed

Requirements & Skills

• Extensive experience leading material incidents within organizations operating sophisticated threat environments
• Experience making disclosure-related decisions under regulatory and customer reporting timelines
• Proven ability to design and operationalize incident response runbooks and processes
• Experience building operational programs from the ground up within fast-paced environments
• Strong understanding of modern incident response methodologies and operational effectiveness
• Ability to navigate both highly technical investigations and executive-level communications during active incidents
• Strong ownership mindset with the ability to independently lead high-impact initiatives

Strong Candidates May Also Have

• Experience responding to incidents spanning cyber, physical, OT, or ICS environments
• Background supporting critical infrastructure, data center, or industrial environments
• Experience building or operating agent-augmented incident response capabilities
• Experience working with LLM-driven incident response, triage, or investigation systems

Why Join?

• Opportunity to help secure critical AI and compute infrastructure environments
• Exposure to cutting-edge AI, automation, and incident response technologies
• High-impact leadership role with significant ownership and visibility
• Collaborative engineering-focused environment solving complex security challenges
• Competitive compensation package including equity opportunities, health coverage, and generous PTO