Director of Cyber Defense Engineering

<h2>About Nscale</h2> <p>Nscale is the GPU cloud engineered for AI. We provide cost-effective, high-performance infrastructure for AI start-ups and large enterprise customers. Nscale enables AI-focused companies to achieve superior results by reducing the complexity of AI development. Our GPU cloud bolsters technical capabilities and directly supports strategic business outcomes, including cost management, rapid innovation, and environmental responsibility.</p> <p>We thrive on a culture of relentless innovation, ownership, and accountability, where every team member takes pride in their work and drives it with excellence and urgency. As an Nscaler, you’ll build trust through openness and transparency, where everyone is inspired to do their best work. If you join our team, you’ll be contributing to building the technology that powers the future.</p> <h2>About the Role</h2> <p>We are hiring a <strong><strong class="textBold">Director of Cyber Defense Engineering</strong></strong> to own Nscale’s full defensive stack and build a cyber defense program that matches the pace and complexity of AI cloud infrastructure risk.</p> <p>Reporting directly to the <strong><strong class="textBold">CISO</strong></strong>, this role sits at the center of Nscale’s security leadership and works closely with <strong><strong class="textBold">engineering</strong></strong> and <strong><strong class="textBold">executive leadership</strong></strong>. You will lead across a <strong><strong class="textBold">24x7 global SOC</strong></strong>, <strong><strong class="textBold">incident response</strong></strong>, <strong><strong class="textBold">threat intelligence</strong></strong>, <strong><strong class="textBold">detection engineering</strong></strong>, and <strong><strong class="textBold">red team</strong></strong>, bringing together functions that must operate as one during both day-to-day defense and high-severity incidents.</p> <p>This role is critical to strengthening Nscale’s defensive posture as the threat landscape evolves faster than traditional enterprise security programs were designed to handle. You will shape how the organization detects, responds to, and learns from threats, while ensuring security findings translate into better detections, stronger playbooks, and more resilient controls.</p> <h2>What you'll be doing</h2> <p><strong><strong class="textBold">24x7 Global SOC</strong></strong></p> <ul> <li value="1"><strong><strong class="textBold">Lead</strong></strong> a follow-the-sun SOC across multiple regions and drive a resilient global operating model.</li> <li value="2"><strong><strong class="textBold">Set</strong></strong> standards for shift handoffs, triage discipline, escalation thresholds, and analyst development.</li> <li value="3"><strong><strong class="textBold">Drive</strong></strong> AI-assisted triage and alert enrichment to reduce manual workload and improve analyst efficiency.</li> <li value="4"><strong><strong class="textBold">Define</strong></strong> SLAs and KPIs that reflect defensive posture and operational effectiveness.</li> </ul> <p><strong><strong class="textBold">Incident Response Leadership</strong></strong></p> <ul> <li value="1"><strong><strong class="textBold">Own</strong></strong> the incident response program end-to-end, including playbooks, retainers, tabletops, and post-mortems.</li> <li value="2"><strong><strong class="textBold">Lead</strong></strong> high-severity incident response across engineering, legal, and executive stakeholders.</li> <li value="3"><strong><strong class="textBold">Apply</strong></strong> AI tooling to accelerate post-incident analysis, including timeline reconstruction, root cause correlation, and pattern identification.</li> <li value="4"><strong><strong class="textBold">Ensure</strong></strong> incident findings translate into updated detections, playbooks, and controls.</li> </ul> <p><strong><strong class="textBold">Detection Engineering &amp; Defensive Tooling</strong></strong></p> <ul> <li value="1"><strong><strong class="textBold">Own</strong></strong> detection strategy across endpoints, cloud control planes, Kubernetes and container environments, network, and identity.</li> <li value="2"><strong><strong class="textBold">Build</strong></strong> and <strong><strong class="textBold">tune</strong></strong> SIEM, EDR, NDR, and SOAR capabilities to improve signal quality and response speed.</li> <li value="3"><strong><strong class="textBold">Apply</strong></strong> ML-based detection techniques to surface anomalies and low-signal threats that rule-based approaches may miss.</li> <li value="4"><strong><strong class="textBold">Refine</strong></strong> detection design continuously using threat intelligence and red team findings.</li> </ul> <p><strong><strong class="textBold">Threat Intelligence Program</strong></strong></p> <ul> <li value="1"><strong><strong class="textBold">Build</strong></strong> a threat intelligence program focused on risks relevant to AI cloud infrastructure, including actors, methods, and campaigns targeting platforms like Nscale’s.</li> <li value="2"><strong><strong class="textBold">Translate</strong></strong> intelligence into actionable detection coverage, red team scenarios, and defensive investment priorities.</li> <li value="3"><strong><strong class="textBold">Connect</strong></strong> intelligence outputs directly to operational security outcomes rather than standalone briefings.</li> </ul> <p><strong><strong class="textBold">Red Team &amp; Adversary Simulation</strong></strong></p> <ul> <li value="1"><strong><strong class="textBold">Lead</strong></strong> adversary emulation across infrastructure, identity, and production systems.</li> <li value="2"><strong><strong class="textBold">Run</strong></strong> purple team exercises tied to measurable improvements in detection coverage.</li> <li value="3"><strong><strong class="textBold">Partner</strong></strong> with Platform Engineering to remediate findings and strengthen defensive controls.</li> </ul> <h2>KPIs</h2> <ul> <li value="1">SOC SLA and KPI performance</li> <li value="2">High-severity incident response effectiveness</li> <li value="3">Detection coverage across cloud, Kubernetes, network, identity, and endpoints</li> <li value="4">Measurable improvement from red team and purple team exercises</li> </ul> <h2>About You</h2> <ul> <li value="1"><strong><strong class="textBold">15+ years</strong></strong> in cybersecurity, with at least <strong><strong class="textBold">5 years</strong></strong> leading a multi-function cyber defense team</li> <li value="2">Direct leadership experience across <strong><strong class="textBold">SOC operations, incident response, detection engineering, threat intelligence, and red team</strong></strong></li> <li value="3">Experience serving as the <strong><strong class="textBold">incident commander</strong></strong> or most senior security leader during a significant breach, ransomware event, nation-state intrusion, or critical infrastructure attack</li> <li value="4">Strong hands-on experience securing <strong><strong class="textBold">cloud-native, containerized, Kubernetes-orchestrated production environments</strong></strong></li> <li value="5">Deep knowledge of risks including <strong><strong class="textBold">control plane exposure, container escape, image supply chain, secrets management, and lateral movement through service meshes</strong></strong></li> <li value="6">Technical depth to engage directly on <strong><strong class="textBold">detection logic, attacker tradecraft, and security architecture</strong></strong></li> <li value="7">Practical experience applying <strong><strong class="textBold">AI</strong></strong> in security operations, including triage, anomaly detection, or investigation workflows</li> <li value="8">Clear understanding of both the <strong><strong class="textBold">capabilities and limitations</strong></strong> of AI in cyber defense</li> <li value="9">Ability to lead effectively under pressure and make high-stakes decisions with incomplete information</li> <li value="10">Preferred experience defending <strong><strong class="textBold">AI, GPU, HPC, or cloud-native platforms</strong></strong>, operating in regulated environments, or contributing through research, talks, or open-source tooling</li> </ul> <h2>What we can offer you</h2> <p>At Nscale, you'll find a collaborative, supportive, and innovative environment where your contributions spark real impact. We're building something extraordinary, and we want you at the core.</p> <ul> <li>Highly competitive US compensation package (base + bonus + equity), with performance reviews every 12 months. 🚀</li> <li>Join one of the fastest-growing AI infrastructure companies — your chance to directly shape how global AI capacity is planned and deployed. ✨</li> <li>Expect a dynamic progression plan tailored to your ambitions. Grow by leading critical cross-functional initiatives and shaping capital strategy — always with our full support.</li> <li>Human-First Flexibility: We treat you as humans first. 🫶🏽 Our flexible workplace trusts Nscalers to deliver, giving you the autonomy to shape your day around life's moments.</li> </ul> <h2>Equal Opportunities Statement</h2> <p>We strongly encourage applications from people of colour, the LGBTQ+ community, people with disabilities, neurodivergent people, parents, carers, and people from lower socio-economic backgrounds.</p> <p>If there’s anything we can do to accommodate your specific situation, please let us know.</p> <p>The responsibilities outlined in this job description are not exhaustive and are intended to provide a general overview of the position. The employee may be required to perform additional duties, tasks, and responsibilities as assigned by management, consistent with the skills and qualifications required for the role.</p> <p>For information on how Nscale handles candidate personal data, please see our Employee &amp; Candidate Privacy Notice: Here.</p> <h2>Salary Range</h2> <p>The range below reflects the base salary for the position. Actual compensation may vary based on job-related factors such as skill set, experience, education, and location. In addition to base salary, this role may be eligible for bonus, equity, and/or commission programs. Nscale may offer a competitive benefits package including medical, dental, vision, flexible paid time off, parental leave, and retirement plan participation.</p><div class="content-pay-transparency"><div class="pay-input"><div class="description"><p>The range below reflects the base salary for the position. Actual compensation may vary based on job-related factors such as skill set, experience, education, and location. In addition to base salary, this role may be eligible for bonus, equity, and/or commission programs. Nscale may offer a competitive benefits package including medical, dental, vision, flexible paid time off, parental leave, and retirement plan participation.</p></div><div class="title">Salary Range</div><div class="pay-range"><span>$275,000</span><span class="divider">&mdash;</span><span>$315,000 USD</span></div></div></div><div class="content-conclusion"><p><em>For information on how Nscale handles candidate personal data, please see our Employee &amp; Candidate Privacy Notice:&nbsp;<a href="https://drive.google.com/file/d/1QK5Yg04WHD9K9IAtJgQWubJZC9oLvatK/view?usp=sharing" target="_blank" data-saferedirecturl="https://www.google.com/url?q=https://drive.google.com/file/d/1QK5Yg04WHD9K9IAtJgQWubJZC9oLvatK/view?usp%3Dsharing&amp;source=gmail&amp;ust=1765375172804000&amp;usg=AOvVaw2Ncte4rmlGl8OKuFuDgDtx">Here.</a></em></p></div>