About the Role
Founded in Silicon Valley in 2009 by Marc Andreessen and Ben Horowitz, Andreessen Horowitz (aka a16z) is a venture capital firm that backs bold entrepreneurs building the future through technology. We are stage agnostic. We invest in seed to venture to growth-stage technology companies, across AI, bio + healthcare, consumer, crypto, enterprise, fintech, games, and companies building toward American dynamism. a16z has $100B+ under management across multiple funds. We’ve established a team that is defined by respect for the entrepreneur and the company-building process; we know what it’s like to be in the founder’s shoes. We’ve invested in companies like Anduril, Airbnb, Coinbase, Cursor, Databricks, Deel, Figma, GitHub, Roblox, SpaceX, and Stripe. Our team is at the forefront of new technology, helping founders and their companies impact and change the world. The Role We're hiring a Senior Incident Response Engineer to anchor a16z's detection and response work. You'll own incident triage and response across AWS and GCP, write the detections that catch real threats in our SIEM, and run point when something serious happens. The threats here are not theoretical. We see capital call wire fraud attempts, vishing campaigns, social engineering against IT and partners, and occasionally more sophisticated actors (nation-state groups, organized criminal operations) who specifically target venture capital firms. Your work protects the firm, our LPs, and our portfolio companies. You'll work day to day with the Head of Cybersecurity, Security Engineering, IT, and Legal. This role requires an in-office presence 2 days a week in our San Francisco, CA office. To join our team, you should be excited to: Run incidents end to end, from first alert to post-mortem, across cloud and SaaS environments Write the detections that catch real threats, with a strong bias toward signal over noise and broad MITRE ATT&CK coverage Help shape the next generation of our SOC, including AI agent integration into triage and response workflows Partner across the firm during incidents: investing teams, Legal, Compliance, Finance, IT, and firm leadership all get pulled in, and this role keeps every audience aligned under pressure Drive post-mortems that lead to operational change, not process for its own sake Work against real adversaries, including nation-state groups, organized criminal operations, and threat actors who specifically target venture capital firms Minimum Qualifications 5+ years of incident response experience or equivalent demonstrated impact, with cloud IR depth across both AWS and GCP Experience leading live incidents end to end — triage, containment, eradication, forensic investigation, and post-mortem — across cloud, SaaS, identity, and endpoint surfaces Experience running proactive, hypothesis-driven threat hunts using current TTPs and intel Hands-on detection authoring in modern SIEM platforms (Sigma, KQL, or equivalent) and experience working with... (View official application link for full details)
Responsibilities
Requirements
Benefits
About a16z Crypto
Learn more about this company and their mission.