At Carta, we’re building the future of equity and ownership. We’ve changed how companies, investors, and employees manage equity. Now, we’re transforming how capital markets operate. Our goal is to create more owners and increase transparency and liquidity for shareholders. More than 900,000 investors, law firms, and employees use our platform, and we manage over $575B in equity.

About Carta Security

Carta’s mission is to Create More Owners and Carta Security’s mission is to Create More Security Owners. We are a team of builders who enable security to happen throughout the company: around the office, in the pipeline, or on the developers laptop. Our tools give feedback to coworkers about how well they’re keeping up with security training, responding to vulnerabilities, and improving their skills so they can own it.

Carta’s Security Operations Team (or Blue Team) is responsible for tools used to protect our company, providing actionable threat intelligence, and managing detection and response activities. The Staff Incident Response Engineer supports this by working across the organization to refine the logging standards, ensure correct logs are collected, manage our SIEM, and continuously improve the response plan using tabletop exercises. 

Why Join Carta Security

As a Staff Incident Response Engineer you’ll:

  • Improve “Standard Operating Procedures” (SOPs) and educate stakeholders with them in order to improve incident response
  • Use your experiences to build a better logging program and re-evaluate our collection process
  • Implement and improve anti-hacking applications and processes
  • Bring your unique and diverse viewpoints to our team
  • Have KPIs which focus on automation, not just running around putting out fires

What We’re Looking For

  1. Be passionate about Detection and Incident Management and working with engineering teams
  2. Worked with with Security Information and Event Monitoring (SIEM) platforms such as Splunk and SumoLogic
  3. Experience with the identification and implementation of counter-measures or mitigating controls for deployment and implementation in the enterprise network environment.
  4. Experience collecting and maintaining information pertinent to security investigations and incidents in a format that supports analysis, situational awareness reporting, and law enforcement investigation efforts
  5. Know when to build and when to buy

Pluses (Experience with…)

  1. Automation of incident resolution using 3rd party tools with Python or similar language
  2. A working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.)
  3. The “infrastructure as code” mindset (using tools like Terraform, Ansible, Chef, Puppet, etc)
  4. Experience with VPC flow logs or other cloud network logging

Carta is a Series F company and is backed by top-tier VCs like Andreessen Horowitz, Lightspeed Venture Partners, Meritech Capital, and more.

We are an equal opportunity employer and are committed to providing a positive interview experience for every candidate. If accommodations due to a disability or medical condition are needed, connect with us via email at As a company, we value fairness, helpfulness, transparency, leadership and build our teams around these values. Check out our careers page to get to know us better as you think about your next step at Carta.

Please read about our candidate privacy policy here. 


Apply for this Job

* Required