Tell me about leading the response to a major incident and driving org-wide remediation afterward.

Strong answers separate response from remediation. During response: establish a single incident commander, set up comms (status, exec updates), contain/eradicate/recover, and keep a tight timeline of facts. Afterward: run a blameless post-mortem focused on contributing causes and systemic gaps, not individuals. The leadership signal is driving org-wide remediation — not just patching the one bug but identifying the vulnerability class, building a guardrail or paved-road fix, tracking remediation across many teams with owners and SLAs, and reporting progress to leadership. Show you turned a crisis into a durable systemic improvement and that you protected the culture (blameless) so people keep reporting.