Director of Cyber Defense Engineering

About Nscale

Nscale is the GPU cloud engineered for AI. We provide cost-effective, high-performance infrastructure for AI start-ups and large enterprise customers. Nscale enables AI-focused companies to achieve superior results by reducing the complexity of AI development. Our GPU cloud bolsters technical capabilities and directly supports strategic business outcomes, including cost management, rapid innovation, and environmental responsibility.

We thrive on a culture of relentless innovation, ownership, and accountability, where every team member takes pride in their work and drives it with excellence and urgency. As an Nscaler, you’ll build trust through openness and transparency, where everyone is inspired to do their best work. If you join our team, you’ll be contributing to building the technology that powers the future.

About the Role

We are hiring a Director of Cyber Defense Engineering to own Nscale’s full defensive stack and build a cyber defense program that matches the pace and complexity of AI cloud infrastructure risk.

Reporting directly to the CISO, this role sits at the center of Nscale’s security leadership and works closely with engineering and executive leadership. You will lead across a 24x7 global SOC, incident response, threat intelligence, detection engineering, and red team, bringing together functions that must operate as one during both day-to-day defense and high-severity incidents.

This role is critical to strengthening Nscale’s defensive posture as the threat landscape evolves faster than traditional enterprise security programs were designed to handle. You will shape how the organization detects, responds to, and learns from threats, while ensuring security findings translate into better detections, stronger playbooks, and more resilient controls.

What you'll be doing

24x7 Global SOC

• Lead a follow-the-sun SOC across multiple regions and drive a resilient global operating model.
• Set standards for shift handoffs, triage discipline, escalation thresholds, and analyst development.
• Drive AI-assisted triage and alert enrichment to reduce manual workload and improve analyst efficiency.
• Define SLAs and KPIs that reflect defensive posture and operational effectiveness.

Incident Response Leadership

• Own the incident response program end-to-end, including playbooks, retainers, tabletops, and post-mortems.
• Lead high-severity incident response across engineering, legal, and executive stakeholders.
• Apply AI tooling to accelerate post-incident analysis, including timeline reconstruction, root cause correlation, and pattern identification.
• Ensure incident findings translate into updated detections, playbooks, and controls.

Detection Engineering & Defensive Tooling

• Own detection strategy across endpoints, cloud control planes, Kubernetes and container environments, network, and identity.
• Build and tune SIEM, EDR, NDR, and SOAR capabilities to improve signal quality and response speed.
• Apply ML-based detection techniques to surface anomalies and low-signal threats that rule-based approaches may miss.
• Refine detection design continuously using threat intelligence and red team findings.

Threat Intelligence Program

• Build a threat intelligence program focused on risks relevant to AI cloud infrastructure, including actors, methods, and campaigns targeting platforms like Nscale’s.
• Translate intelligence into actionable detection coverage, red team scenarios, and defensive investment priorities.
• Connect intelligence outputs directly to operational security outcomes rather than standalone briefings.

Red Team & Adversary Simulation

• Lead adversary emulation across infrastructure, identity, and production systems.
• Run purple team exercises tied to measurable improvements in detection coverage.
• Partner with Platform Engineering to remediate findings and strengthen defensive controls.

KPIs

• SOC SLA and KPI performance
• High-severity incident response effectiveness
• Detection coverage across cloud, Kubernetes, network, identity, and endpoints
• Measurable improvement from red team and purple team exercises

About You

• 15+ years in cybersecurity, with at least 5 years leading a multi-function cyber defense team
• Direct leadership experience across SOC operations, incident response, detection engineering, threat intelligence, and red team
• Experience serving as the incident commander or most senior security leader during a significant breach, ransomware event, nation-state intrusion, or critical infrastructure attack
• Strong hands-on experience securing cloud-native, containerized, Kubernetes-orchestrated production environments
• Deep knowledge of risks including control plane exposure, container escape, image supply chain, secrets management, and lateral movement through service meshes
• Technical depth to engage directly on detection logic, attacker tradecraft, and security architecture
• Practical experience applying AI in security operations, including triage, anomaly detection, or investigation workflows
• Clear understanding of both the capabilities and limitations of AI in cyber defense
• Ability to lead effectively under pressure and make high-stakes decisions with incomplete information
• Preferred experience defending AI, GPU, HPC, or cloud-native platforms, operating in regulated environments, or contributing through research, talks, or open-source tooling

What we can offer you

At Nscale, you'll find a collaborative, supportive, and innovative environment where your contributions spark real impact. We're building something extraordinary, and we want you at the core.

• Highly competitive US compensation package (base + bonus + equity), with performance reviews every 12 months. 🚀
• Join one of the fastest-growing AI infrastructure companies — your chance to directly shape how global AI capacity is planned and deployed. ✨
• Expect a dynamic progression plan tailored to your ambitions. Grow by leading critical cross-functional initiatives and shaping capital strategy — always with our full support.
• Human-First Flexibility: We treat you as humans first. 🫶🏽 Our flexible workplace trusts Nscalers to deliver, giving you the autonomy to shape your day around life's moments.

Equal Opportunities Statement

We strongly encourage applications from people of colour, the LGBTQ+ community, people with disabilities, neurodivergent people, parents, carers, and people from lower socio-economic backgrounds.

If there’s anything we can do to accommodate your specific situation, please let us know.

The responsibilities outlined in this job description are not exhaustive and are intended to provide a general overview of the position. The employee may be required to perform additional duties, tasks, and responsibilities as assigned by management, consistent with the skills and qualifications required for the role.

For information on how Nscale handles candidate personal data, please see our Employee & Candidate Privacy Notice: Here.

Salary Range

The range below reflects the base salary for the position. Actual compensation may vary based on job-related factors such as skill set, experience, education, and location. In addition to base salary, this role may be eligible for bonus, equity, and/or commission programs. Nscale may offer a competitive benefits package including medical, dental, vision, flexible paid time off, parental leave, and retirement plan participation.

For information on how Nscale handles candidate personal data, please see our Employee & Candidate Privacy Notice: Here.