Skip to content

Principal Incident Responder

FluidstackAustin, TX, US · New York, NY, US · San Francisco, CA, US · Seattle, WA, US · Remote (US)July 18, 2026
Remote
Full-time
Incident Response
Staff

About Fluidstack

We exist to make humanity more free. For most of human history, you farmed or you starved. Technology gave people more time for the things they wanted to do, instead of things they had to do. Powerful AI will be the biggest lever for human choice we've ever built - but only if models are aligned with what humanity actually wants. There are groups building AI who don't share these goals. Whoever deploys frontier compute infrastructure fastest will decide whether AI expands human freedom or shrinks it.

We're singularly focused on delivering 10 to 100s of GWs of compute faster than anyone else, rethinking every layer of the stack. We acquire power, design and build data centers, and operate them - with teams spanning hardware and software. Speed and scale are our key differentiators. Come be a part of building civilization-scale infrastructure for AI.

We hire people who care deeply about this problem space. If that is you, please apply!

How We Operate

  • - **Extreme ownership. ** Full autonomy. Own things end to end often taking on scope outside your core role without being asked to get things done.

  • - **Velocity. ** We drive everything forward as fast as possible.

  • - **First principles. ** Challenge every assumption. Zero analogy thinking, no egos, the best idea wins.

  • - **Love of the game. ** The frontier of AI is the most interesting problem of our time. We put in long hours at high intensity to push the frontier forward.

The Security Team

  • **Examples of key problems the team is working on**

  • - **You're securing the frontier of AI.** The model weights training on our infrastructure are the most valuable and most targeted artifacts in technology, and we're standing up the compute to hold them faster than anyone ever has. A breach isn't a leak, it's the frontier walking out the door.

  • - **Build the entire security program from scratch.** Most leaders inherit someone else's system and spend a career patching it. Here you own it end to end, bare metal to boardroom, as we scale across continents.

  • - **Your threat surface is measured in gigawatts.** The customers running on our infrastructure are building the most consequential technology in human history, and being responsible for the physical and logical security of that work makes everything else feel small.

Role Scope

  • - Lead incident response end to end across corporate, cloud, and data center environments, from detection and containment through eradication and post-incident review.

  • - Build the detection logic, response playbooks, and forensic tooling for an environment where the assets under threat are the most targeted model weights in technology.

  • - Run investigations across a threat surface measured in gigawatts, correlating signals from cloud, endpoint, network, and physical systems into a single picture of an attack.

  • - Stand up the incident response function from the ground up, defining severity models, on-call rotations, and the escalation path to leadership.

  • - Turn each incident into a permanent improvement by partnering with the security and IT teams to close the gaps your investigations surface.

What We're Looking For

  • **The below is a starting point. We always make space for exceptional people, so if you don't fit this role exactly, tell us where you would.**

  • - You've personally led major security incidents from first alert to resolution, making containment calls under pressure with the business watching.

  • - You've built detection logic and response playbooks that caught real intrusions, not just theoretical ones.

  • - You've run digital forensics across cloud, endpoint, and network evidence and reconstructed what an attacker actually did.

  • - You've stood up or substantially rebuilt an incident response program rather than only operating inside someone else's.

  • - You've hunted for threats proactively and found activity that existing tooling missed.

  • - You write incident reports and postmortems clear enough that both engineers and executives act on them.

  • - Bonus: Experience defending high-value targets such as AI labs, financial infrastructure, or critical infrastructure against nation-state threat models. Cloud-native forensics (AWS, GCP). Detection engineering and SIEM or SOAR tooling. Malware analysis or reverse engineering.

We are committed to pay equity and transparency.

Fluidstack is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans’ status, or any other characteristic protected by law. Fluidstack will consider for employment qualified applicants with arrest and conviction records pursuant to applicable law.

You will receive a confirmation email once your application has successfully been accepted. If there is an error with your submission and you did not receive a confirmation email, please email [email protected] with your resume/CV, the role you've applied for, and the date you submitted your application-- someone from our recruiting team will be in touch.

Job Details

Salary

$330,000 – $380,000/yr

Experience

Staff

Tools & Tech

AWS
GCP