Incident Response Lead

Описание вакансии

Why work at NebiusNebius is leading a new era in cloud computing to serve the global AI economy. We create the tools and resources our customers need to solve real-world challenges and transform industries, without massive infrastructure costs or the need to build large in-house AI/ML teams. Our employees work at the cutting edge of AI cloud infrastructure alongside some of the most experienced and innovative leaders and engineers in the field.

Where we workHeadquartered in Amsterdam and listed on Nasdaq, Nebius has a global footprint with R&D hubs across Europe, North America, and Israel. The team of over 1400 employees includes more than 400 highly skilled engineers with deep expertise across hardware and software engineering, as well as an in-house AI R&D team.

Role Overview

Nebius is seeking an Incident Response Lead to own and mature the company’s global cyber incident response capability. This role sits within the CISO Office and is accountable for response execution, post-incident learning, and executive-level coordination across Nebius’ cloud, infrastructure, and platform environments.

The Incident Response Lead will act as the single accountable owner for high-severity security incidents, ensuring rapid containment, accurate impact assessment, regulatory-compliant communications, and continuous improvement of detection and response capabilities.

This role requires deep technical expertise, strong crisis leadership, and the ability to operate under pressure in highly regulated, high-availability environments.

Key Responsibilities

Incident Response Leadership

• Lead and coordinate of security incidents across Nebius’ cloud, infrastructure, and corporate environments.
• Act as Incident Commander during major incidents, driving containment, eradication, and recovery efforts.
• Support and maintain clear incident classification, escalation, and decision-making frameworks.
• Ensure 24/7 readiness through on-call structures, runbooks, and playbooks.

Detection, Triage, and Investigation

• Oversee advanced incident triage and forensic investigations across:

• Cloud platforms
• Network and perimeter security
• Identity and access systems
• Supply chain and third-party risks

• Partner with SOC, Threat Intelligence, and Threat Hunting teams to improve detection fidelity and reduce MTTR.
• Ensure evidence handling meets legal, regulatory, and forensic standards.
• Lead regulatory-ready incident documentation, timelines, and root cause analysis (RCA).
• Support audits, regulatory inquiries, and executive reporting related to security incidents.

Executive & Cross-Functional Coordination

• Serve as the primary incident response interface to:

• CISO and executive leadership
• Legal, Privacy, Compliance, and Communications teams
• Infrastructure, Network, IT, Platform, and Engineering leadership

• Deliver clear, factual, and risk-based incident briefings to senior leadership.
• Support customer and partner communications when security incidents impact trust or service availability.

Program Development & Continuous Improvement

• Support Nebius’ incident response program, including:

• Playbooks and runbooks
• Tabletop exercises and simulations
• Red/blue/purple team coordination

• Drive lessons-learned processes and ensure findings result in measurable control improvements.
• Define and track incident response KPIs (MTTD, MTTR, containment effectiveness).

Required Qualifications:

Experience

• 8+ years in cybersecurity, with significant hands-on incident response leadership experience.
• Proven experience leading large-scale, high-impact security incidents in cloud or infrastructure-heavy environments.
• Experience operating in regulated or compliance-driven environments (SOC, ISO, financial services, cloud providers, etc.).

Technical Expertise

• Strong understanding of:

• Cloud security architectures
• Network security, IAM, endpoint security, and logging pipelines
• Threat actor tactics, techniques, and procedures (MITRE ATT&CK)

• Practical experience with SIEM, SOAR, EDR, NDR, and forensic tooling.
• Ability to validate technical findings independently and challenge assumptions.

Leadership & Communication

• Demonstrated ability to lead under pressure and make high-quality decisions with incomplete data.
• Clear, concise communicator capable of briefing executives and non-technical stakeholders.
• Strong cross-functional leadership skills without relying on direct authority.

What we offer

• Competitive salary and comprehensive benefits package.
• Opportunities for professional growth within Nebius.
• Flexible working arrangements.
• A dynamic and collaborative work environment that values initiative and innovation.

We’re growing and expanding our products every day. If you’re up to the challenge and are excited about AI and ML as much as we are, join us!