Andreessen Horowitz (a16z) is seeking a Staff Incident Response Engineer for its San Francisco office. You will run incidents end to end, from first alert to post-mortem, across cloud and SaaS environments, defending against sophisticated threat actors targeting venture capital firms.
Key Responsibilities
- Manage incidents from detection through post-mortem across cloud and SaaS infrastructure.
- Author SIEM detections using modern detection platforms.
- Lead response efforts involving multiple firm departments and communicate clearly with stakeholders during security events.
- Run hypothesis-driven threat hunts against nation-state groups, organized criminal operations, and threats such as wire fraud and social engineering.
Required Experience
- 5+ years in incident response with cloud depth (AWS/GCP).
- Hands-on detection authoring and SIEM expertise.
- Python scripting and automation proficiency.
- Experience handling sophisticated threat actors and translating technical incidents for non-technical stakeholders.
The salary range is $243,000–$284,000, plus eligibility for a16z's carry program and discretionary bonuses, along with standard benefits. This is a hybrid role requiring 2 days per week on-site in San Francisco.