Principal Cyber Security Incident Response Engineer

Stitch Fix
Summary
Join Stitch Fix as a Principal Incident Response Engineer and lead security initiatives in our cloud-first environment. You will collaborate with cross-functional teams to develop innovative security solutions, implement best practices, and ensure compliance. This role requires extensive experience in incident response, container technologies, and AWS environments. You will design, deploy, and manage security services, acting as a go-to expert for incident response and cloud security. You'll be responsible for ensuring technology solutions address real business challenges and for mentoring junior team members. Stitch Fix offers a competitive salary, benefits, and equity.
Requirements
- 6+ years of experience in Security, preferably in an Incident Response or similar “first responder” role (Trust & Safety, Fraud, Account Protection, etc.)
- Experience leading and assisting with Security Incident analysis, documentation, and response coordination
- Proficient with the cyber security incident lifecycle and hands-on involvement in security event handling
- Understanding of common adversarial tools, attack techniques, and Indicators of Compromise (IOCs)
- Intermediate to advanced knowledge of APT groups, TTPs (Tactics, Techniques, and Procedures)
- AWS experience is required; familiarity and a high degree of proficiency with AWS services (e.g., Route53, IAM, Security Groups, SNS, S3, Lambda, CloudWatch, CloudTrail)
- Hands-on experience with AWS environments, particularly in a security context; familiarity with AWS security services (e.g., Security Hub, GuardDuty, Macie)
- Hands-on working knowledge of Infrastructure as Code (IaC) concepts and tools such as Terraform and Docker
- Understanding of CI/CD pipelines and their role in a security context
- Experience optimizing and integrating common logging solutions (e.g., Splunk, SumoLogic, Datadog)
- Ability to interpret logs and events and to escalate potential security threats and findings
- Hands-on investigative and deployment experience with Endpoint Detection & Response (EDR) solutions like CrowdStrike
- Proficient with scripting languages (e.g., Python) for developing automation and security workflows
- Ability to follow established security procedures and lead incident response efforts
- Strong written communication skills for security documentation and reporting
- Ability to collaborate with cross-functional teams and assist in security investigations
- Knowledge of common development practices and tools, and how they apply in a security context
- Eager and willing to learn and develop new skills in security automation and cloud security
- Ability and experience to mentor and develop junior team members, fostering growth within the team
Responsibilities
- Collaborate to develop innovative security solutions, leveraging the right tools while contributing to design and architecture across multiple systems
- Work closely with the team to develop effective solutions, leveraging the right tools while contributing to design and architecture across multiple systems
- Design, deploy, and manage security services within the organization, while also acting as the go-to expert for incident response and cloud security
- Be the first to step in, tackle challenges head-on, and do what it takes to protect and secure our organization
- Ensure that technology solutions address real business challenges
- Act when called upon in the capacity of Incident Commander during security incidents
- Follow established investigative processes, including management and escalation procedures, while working with other senior team members during an incident; this includes drafting a SITREP and driving post-mortems
- Excel in engaging with cross-functional teams during an incident in parallel with leading an active investigation and influencing favorable outcomes outside of security
- Possess the ability to stay calm under pressure while leading an incident to resolution in potentially high-stress and time-sensitive environments
Preferred Qualifications
Broad skills building, deploying, and maintaining security services in an organization, and serving as the Subject Matter Expert for incident response and cloud security
Benefits
- Competitive salary
- Benefits
- Equity
- New hire and ongoing grants of restricted stock units
- Medical, dental, vision, and other benefits