Director of Platform and Product Security

<h2>About Nscale</h2> <p>Nscale is the GPU cloud engineered for AI. We provide cost-effective, high-performance infrastructure for AI start-ups and large enterprise customers. Nscale enables AI-focused companies to achieve superior results by reducing the complexity of AI development. Our GPU cloud bolsters technical capabilities and directly supports strategic business outcomes, including cost management, rapid innovation, and environmental responsibility.</p> <p>We thrive on a culture of relentless innovation, ownership, and accountability, where every team member takes pride in their work and drives it with excellence and urgency. As an Nscaler, you’ll build trust through openness and transparency, where everyone is inspired to do their best work. If you join our team, you’ll be contributing to building the technology that powers the future.</p> <h2>About the Role</h2> <p>We are hiring a <strong><strong class="textBold">Director of Platform and Product Security</strong></strong> to lead the security of Nscale’s core infrastructure platform and the software and services built on top of it.</p> <p>This is a <strong><strong class="textBold">hands-on engineering leadership role</strong></strong> reporting directly to the <strong><strong class="textBold">CISO</strong></strong> and working closely with <strong><strong class="textBold">Platform Engineering, Infrastructure, SRE, and product development</strong></strong> teams. You will own two complementary disciplines: protecting our <strong><strong class="textBold">Kubernetes-based, multi-tenant AI cloud platform</strong></strong> and embedding strong product security practices into the software lifecycle.</p> <p>This role is critical to how Nscale operates AI infrastructure at scale. You will build and lead teams that ship practical security controls, ensuring security strengthens the platform without becoming a drag on <strong><strong class="textBold">performance</strong></strong> or <strong><strong class="textBold">deployment velocity</strong></strong>.</p> <h2>What you'll be doing</h2> <p><strong><strong class="textBold">Platform Security</strong></strong></p> <ul> <li value="1"><strong><strong class="textBold">Own</strong></strong> the security architecture and controls for Nscale’s <strong><strong class="textBold">Kubernetes-based infrastructure</strong></strong>, including workload isolation, admission control, RBAC, runtime enforcement, and tenant boundary integrity</li> <li value="2"><strong><strong class="textBold">Secure</strong></strong> customer production workloads by defining and strengthening controls at the boundary between Nscale’s infrastructure responsibilities and customer-managed workloads</li> <li value="3"><strong><strong class="textBold">Drive</strong></strong> encryption standards and key management across platform services, covering data at rest, data in transit, and cryptographic practices across internal and customer-facing services</li> <li value="4"><strong><strong class="textBold">Lead</strong></strong> cloud security posture management across environments through configuration baselines, IAM governance, automated guardrails, and continuous remediation</li> </ul> <p><strong><strong class="textBold">Supply Chain and Deployment Security</strong></strong></p> <ul> <li value="1"><strong><strong class="textBold">Build</strong></strong> and operate image integrity and supply chain security capabilities, including image signing, provenance verification, and base image governance</li> <li value="2"><strong><strong class="textBold">Embed</strong></strong> security into deployment pipelines with security gates that support delivery speed rather than block it</li> <li value="3"><strong><strong class="textBold">Establish</strong></strong> safe deployment practices and rollback mechanisms for issues identified during release or operation</li> </ul> <p><strong><strong class="textBold">Product Security</strong></strong></p> <ul> <li value="1"><strong><strong class="textBold">Own</strong></strong> the security of software built and deployed on the Nscale platform through threat modeling, secure design review, and early security requirements in the development lifecycle</li> <li value="2"><strong><strong class="textBold">Build</strong></strong> and scale application security tooling, including <strong><strong class="textBold">SAST, SCA, DAST, and secrets detection</strong></strong>, integrated into <strong><strong class="textBold">CI/CD</strong></strong></li> <li value="3"><strong><strong class="textBold">Strengthen</strong></strong> service security across the platform, including authentication and authorization between services, API security, and secure communication patterns</li> <li value="4"><strong><strong class="textBold">Partner</strong></strong> directly with engineering teams to identify, prioritize, and remediate vulnerabilities</li> </ul> <p><strong><strong class="textBold">AI-Assisted Development Governance</strong></strong></p> <ul> <li value="1"><strong><strong class="textBold">Enable</strong></strong> the safe use of AI coding tools across engineering teams</li> <li value="2"><strong><strong class="textBold">Define</strong></strong> secure usage patterns for AI-assisted development workflows</li> <li value="3"><strong><strong class="textBold">Evaluate</strong></strong> risks in AI-generated code, including insecure code generation patterns, prompt injection concerns, and over-reliance on AI review</li> <li value="4"><strong><strong class="textBold">Integrate</strong></strong> security checks into AI-assisted development processes to support secure scale-up</li> </ul> <h2>KPIs</h2> <ul> <li value="1"><strong><strong class="textBold">Kubernetes platform control coverage</strong></strong></li> <li value="2"><strong><strong class="textBold">Cloud security posture remediation</strong></strong></li> <li value="3"><strong><strong class="textBold">Application security tooling adoption in CI/CD</strong></strong></li> <li value="4"><strong><strong class="textBold">Vulnerability remediation with engineering teams</strong></strong></li> </ul> <h2>About You</h2> <ul> <li value="1"><strong><strong class="textBold">15+ years</strong></strong> in security engineering, with at least <strong><strong class="textBold">5 years</strong></strong> in a leadership role managing security engineers across more than one domain</li> <li value="2">Deep hands-on experience designing and operating security controls for <strong><strong class="textBold">Kubernetes-orchestrated production infrastructure</strong></strong></li> <li value="3">Proven experience with <strong><strong class="textBold">admission control, RBAC, network policy, runtime security, workload isolation, and multi-tenant boundary enforcement</strong></strong></li> <li value="4">Strong understanding of securing platforms that run <strong><strong class="textBold">customer workloads you do not control</strong></strong>, including shared responsibility boundaries</li> <li value="5">Experience owning <strong><strong class="textBold">product security or application security</strong></strong> programs, including threat modeling, secure SDLC, and developer-facing security practices</li> <li value="6">Ability to design security controls with <strong><strong class="textBold">performance impact and deployment velocity</strong></strong> in mind</li> <li value="7">Strong engineering orientation with the ability to engage directly on <strong><strong class="textBold">architecture, code, and tooling</strong></strong> decisions</li> <li value="8">Experience securing workloads in <strong><strong class="textBold">multi-cloud environments</strong></strong> across <strong><strong class="textBold">AWS, GCP, and/or Azure</strong></strong>, including IAM, account governance, configuration management, and posture monitoring</li> <li value="9">Familiarity with the security implications of <strong><strong class="textBold">AI-assisted development</strong></strong>, including prompt injection, insecure code generation, and over-reliance on AI review</li> <li value="10">Preferred experience in <strong><strong class="textBold">GPU, HPC, or AI workload environments</strong></strong>, plus exposure to tools such as <strong><strong class="textBold">CSPM platforms, Sigstore, Cosign, Terraform, OPA Gatekeeper, Kyverno, Go, or Python</strong></strong></li> </ul> <h2>What we can offer you</h2> <p>At Nscale, you'll find a collaborative, supportive, and innovative environment where your contributions spark real impact. We're building something extraordinary, and we want you at the core.</p> <ul> <li>Highly competitive US compensation package (base + bonus + equity), with performance reviews every 12 months. 🚀</li> <li>Join one of the fastest-growing AI infrastructure companies — your chance to directly shape how global AI capacity is planned and deployed. ✨</li> <li>Expect a dynamic progression plan tailored to your ambitions. Grow by leading critical cross-functional initiatives and shaping capital strategy — always with our full support.</li> <li>Human-First Flexibility: We treat you as humans first. 🫶🏽 Our flexible workplace trusts Nscalers to deliver, giving you the autonomy to shape your day around life's moments.</li> </ul> <h2>Equal Opportunities Statement</h2> <p>We strongly encourage applications from people of colour, the LGBTQ+ community, people with disabilities, neurodivergent people, parents, carers, and people from lower socio-economic backgrounds.</p> <p>If there’s anything we can do to accommodate your specific situation, please let us know.</p> <p>The responsibilities outlined in this job description are not exhaustive and are intended to provide a general overview of the position. The employee may be required to perform additional duties, tasks, and responsibilities as assigned by management, consistent with the skills and qualifications required for the role.</p> <p>For information on how Nscale handles candidate personal data, please see our Employee &amp; Candidate Privacy Notice: Here.</p> <h2>Salary Range</h2> <p>The range below reflects the base salary for the position. Actual compensation may vary based on job-related factors such as skill set, experience, education, and location. In addition to base salary, this role may be eligible for bonus, equity, and/or commission programs. Nscale may offer a competitive benefits package including medical, dental, vision, flexible paid time off, parental leave, and retirement plan participation</p><div class="content-pay-transparency"><div class="pay-input"><div class="description"><p>The range below reflects the base salary for the position. Actual compensation may vary based on job-related factors such as skill set, experience, education, and location. In addition to base salary, this role may be eligible for bonus, equity, and/or commission programs. Nscale may offer a competitive benefits package including medical, dental, vision, flexible paid time off, parental leave, and retirement plan participation.</p></div><div class="title">Salary Range</div><div class="pay-range"><span>$225,000</span><span class="divider">&mdash;</span><span>$250,000 USD</span></div></div></div><div class="content-conclusion"><p><em>For information on how Nscale handles candidate personal data, please see our Employee &amp; Candidate Privacy Notice:&nbsp;<a href="https://drive.google.com/file/d/1QK5Yg04WHD9K9IAtJgQWubJZC9oLvatK/view?usp=sharing" target="_blank" data-saferedirecturl="https://www.google.com/url?q=https://drive.google.com/file/d/1QK5Yg04WHD9K9IAtJgQWubJZC9oLvatK/view?usp%3Dsharing&amp;source=gmail&amp;ust=1765375172804000&amp;usg=AOvVaw2Ncte4rmlGl8OKuFuDgDtx">Here.</a></em></p></div>