This a Full Remote job, the offer is available from: EMEA About PostHog We're shipping every product that companies need to run their business from their first day, to the day they IPO, and beyond. The operating system for folks who build software. We started with open-source product analytics, launched out of Y Combinator's W20 cohort. We've since shipped more than a dozen products, including: • A built-in data warehouse, so users can query product and customer data together using custom SQL insights. • A customer data platform, so they can send their data wherever they need with ease. • PostHog AI, an AI-powered analyst that answers product questions, helps users find useful session recordings, and writes custom SQL queries. Next on the roadmap are CRM, Workflow, revenue analytics, and support products. When we say every product that companies need to run their business, we really mean it! We are: • Product-led. More than 100,000 companies have installed PostHog, mostly driven by word-of-mouth. We have intensely strong product-market fit. • Default alive. Revenue is growing 10% MoM on average, and we're very efficient. We raise money to push ambition and grow faster, not to keep the lights on. • Well-funded. We've raised more than $100m from some of the world's top investors. We're set up for a long, ambitious journey. We're focused on building an awesome product for end users, hiring exceptional teammates, shipping fast, and being as weird as possible. Things we care about • Transparency: Everyone can read about our roadmap, how we pay (or even let go of) people, our strategy, and how we work, in our public company handbook. Internally, we share revenue, notes and slides from board meetings, and fundraising plans, so everyone has the context they need to make good decisions. • Autonomy: We don’t tell anyone what to do. Everyone chooses what to work on next based on what's going to have the biggest impact on our customers, and what they find interesting and motivating to work on. Engineers lead product teams and make product decisions. Teams are flexible and easy to change when needed. • Shipping fast: Why not now? We want to build a lot of products; we can't do that shipping at a normal pace. We've built the company around small teams – autonomous, highly-efficient groups of cracked engineers who can outship much larger companies because they own their products end-to-end. • Time for building: Nothing gets shipped in a meeting. We're a natively remote company. We default to async communication – PRs > Issues > Slack. Tuesdays and Thursdays are meeting-free days, and we prioritize heads down building time over perfect coordination. This will be the most productive job you've ever had. • Ambition: We want to solve big problems. We strongly believe that aiming for the best possible upside, and sometimes missing, is better than never trying. We're optimistic about what's possible and our ability to get there. • Being weird: Weird means redesigning an already world-class website for the 5th time. It means shipping literally every product that relates to customer data. It means building an objectively unnecessary developer toy with dubious shareholder value. Doing weird stuff is a competitive advantage. And it's fun. Who we're looking for We are looking for our first dedicated Incident Response Engineer to own detection, response, and cloud security at PostHog. PostHog is growing fast, and our attack surface is growing with it. We recently rolled out Wiz, and while it’s given us great visibility, it’s not enough. Currently, we have one security specialist and our infra engineers are spending part of their time on supporting him with security triage rather than building infrastructure. We need to fix that. We’re looking for someone to take the reins of our security operations, build out our detection pipelines, and ensure that when something goes bump in the night, we have the observability to know exactly what happened. This is a unique role as you’ll: • Build from Scratch: You aren't maintaining someone else's legacy SIEM. You are shaping the security team, culture and tooling for a high-growth, open-source company. • Zero Bureaucracy: We hate meetings. We don't have "Security Committees." You have the autonomy to make changes and move fast. • Transparency: We work in the open. You’ll be able to see (and contribute to) how we handled past incidents, like this NPM package compromise. • Direct Impact: Your work directly protects the data of thousands of customers. When you improve our security posture, the whole company (and our community) feels it. What you'll be doing • Triage and Tune: You’ll own our Wiz alerts. You’ll be responsible for turning "noise" into "actionable findings" and ensuring we aren't just staring at a dashboard of 1,000 "Critical" issues that don't actually matter. • Incident detection, response: You’ll lead the charge on security incidents. Whether it’s a compromised NPM package or a susp