Whoop - Incident Response Lead
Requirements
• 7+ years of experience in incident response, digital forensics, threat detection, or SOC operations
• Proven experience leading incident investigations in complex, cloud-native environments
• Strong experience conducting host, cloud, and log-based investigations
• Hands-on expertise with SIEM platforms, EDR tools, and cloud security monitoring
• Experience working with external SOC or MDR providers
• Strong understanding of attack frameworks (MITRE ATT&CK) and their application to detection and response
• Experience supporting breach response obligations under GDPR, HIPAA, PCI, or similar regulatory frameworks
• Excellent communication skills with the ability to coordinate cross-functional stakeholders under pressure
• Bachelor’s degree or relevant certifications (GCIH, GCFA, CISSP, or equivalent)
• This role is based in the WHOOP office located in Boston, MA. The successful candidate must be prepared to relocate if necessary to work out of the Boston, MA office.
• Interested in the role, but don’t meet every qualification? We encourage you to still apply! At WHOOP, we believe there is much more to a candidate than what is written on paper, and we value character as much as experience. As we continue to build a diverse and inclusive environment, we encourage anyone who is interested in this role to apply.
Responsibilities
• Lead hands-on incident response activities, serving as the primary internal escalation point for security events
• Serve as the central incident commander across Security, IT, GRC, and Legal during active incidents
• Partner with the SOC to validate alerts, guide investigations, and drive containment and eradication efforts
• Conduct host, cloud, and log-based investigations, and coordinate with external forensic firms when needed
• Maintain and continuously improve incident response playbooks, escalation procedures, and communication workflows
• Lead post-incident reviews and root cause analysis, ensuring remediation actions are clearly defined and tracked
• Develop and execute tabletop exercises and incident simulations to test and strengthen response readiness
• Partner with GRC and Legal to support breach impact assessments and regulatory notification processes
• Drive continuous improvement of detection and response capabilities across SIEM, EDR, cloud monitoring, and identity systems
• Own incident metrics and reporting, including response times, trends, and systemic risk reduction initiatives
• Participate in an on-call escalation rotation to provide after-hours incident leadership when required