Incident Response Commander

Company Description

AiiR is the first AI-driven breach response and extortion management platform that automates negotiations, investigations, and recovery, reducing incident costs and response times. At the core of AiiR is CEIRA, an AI-powered virtual breach response analyst that streamlines ransom negotiations, tracks cryptocurrency payments, conducts forensic investigations, and automates breach notifications. The platform provides AI-powered ransom negotiation, crypto payment tracking, threat intelligence, digital forensics, and automated breach notification and compliance. AiiR supports cyber insurers, enterprises, legal teams, and SOC, ensuring faster response times and reduced breach costs.

Role Description

We are seeking a Incident Response Commander / Project Manager based in India to join our product innovation team. You’ll play a critical role in translating real-world IR experiences into actionable use cases, working closely with our engineering and AI teams to test and validate breach workflows, QA features, and build out battle-tested Promptbooks for varied breach types.

This role requires deep domain expertise in the end-to-end incident response lifecycle—particularly across ransomware, business email compromise, insider threat, and regulatory breach scenarios.

Key Responsibilities

• 🧠 Subject Matter Expert for Breach Response

Bring your extensive IR experience to shape Promptbook scenarios and playbooks across a wide range of case types, from extortion to insider threats.

• ✅ QA and Feature Testing

Act as the QA lead for new breach response features, workflows, and case management logic inside the AiiR platform. Test AI-generated recommendations and prompt outputs for accuracy and relevance.

• 📚 Promptbook Development & Use Case Design

Author and validate Promptbooks (prompt-based workflows) for breach scenarios that mimic real-life attacker TTPs and regulatory obligations.

• 🧩 Cross-Functional Coordination

Collaborate with product managers, AI engineers, and UX teams to ensure functionality meets field demands and maintains alignment with real-world investigation and response flow.

• 🛠️ Project Management Support

Help manage internal development sprints and delivery schedules related to breach response and forensic modules.

Required Skills & Experience

• ✅ 10+ years of experience in cybersecurity, with at least 5 years in hands-on incident response (in-house, consulting, MSSP, or law enforcement).
• 🧭 Strong understanding of the IR lifecycle: detection, containment, eradication, recovery, and post-incident review.
• ✍️ Experience building IR playbooks or response frameworks (NIST, MITRE ATT&CK, ISO 27035, etc.).
• 💬 Familiarity with prompt engineering, AI-generated response design, or at least strong interest in working closely with LLMs and intelligent systems.
• 🧪 Proven experience in QA testing, user acceptance testing (UAT), or product feedback loops.
• 🧑‍💻 Comfortable using project management and product tools like Jira, Confluence, Notion, etc.
• 🌐 Experience coordinating with distributed teams across time zones.
• 🧠 Self-starter, detail-oriented, and passionate about redefining IR with modern tools.

Nice-to-Have

• 🔍 Familiarity with forensic tools (Velociraptor, KAPE, etc.) or SIEM/XDR platforms like Sentinel, Splunk, Defender.
• 🎯 Exposure to breach notification laws, regulatory frameworks (GDPR, HIPAA, SEC, etc.).
• 🧱 Background in product management, AI testing, or user story writing.
• 🧩 Experience in working with AI security tools or building IR tools/platforms.

What We Offer

• Opportunity to shape a next-gen cybersecurity platform from the ground up
• Collaborative, agile team culture across the U.S. and India
• Flexible remote work schedule
• Fast-paced, high-impact work environment with a mission to protect global organizations from breach chaos