Staff Engineer, Endpoint Security

About Nscale

Nscale is the GPU cloud engineered for AI. We provide cost-effective, high-performance infrastructure for AI start-ups and large enterprise customers. Nscale enables AI-focused companies to achieve superior results by reducing the complexity of AI development. Our GPU cloud bolsters technical capabilities and directly supports strategic business outcomes, including cost management, rapid innovation, and environmental responsibility.

We thrive on a culture of relentless innovation, ownership, and accountability, where every team member takes pride in their work and drives it with excellence and urgency. As an Nscaler, you’ll build trust through openness and transparency, where everyone is inspired to do their best work. If you join our team, you’ll be contributing to building the technology that powers the future.

About the Role

We’re hiring a Staff Security Engineer focused on Endpoint and Device Security to build and operate the endpoint and device security foundation for Nscale employees, engineers, data center staff, and privileged operators.

This is a hands-on engineering role centered on turning endpoint security from a collection of tools and policies into a measurable operating model. You’ll work across employee laptops and workstations, engineering endpoints, privileged admin devices, and site-support devices, partnering closely with IT, Identity, Infrastructure, Security Operations, Legal, Privacy, and business stakeholders to design controls that are secure, reliable, and workable in practice.

This role is critical because endpoint and device security is one of the fastest ways to reduce enterprise risk without slowing the business down. Your work will drive stronger managed-device coverage, hardened baselines, local admin reduction, healthier telemetry, and clearer evidence that device risk is going down across the organization.

What you'll be doing

Architecture & Standards

• Own endpoint and device security architecture across employee devices, engineering workstations, privileged admin devices, and site-support endpoints.
• Define secure baseline standards for operating systems, browsers, disk encryption, host firewalls, endpoint telemetry, and configuration hardening.
• Develop practical device standards for remote workers, office users, data center staff, contractors, and high-risk user populations.

Access & Security Integration

• Establish device posture requirements for access to enterprise applications, production systems, privileged workflows, and sensitive data.
• Integrate endpoint posture with identity, privileged access, vulnerability management, and detection workflows.
• Partner with Identity and Privileged Access teams to support high-risk application and production access decisions.

Privilege Reduction & Endpoint Operations

• Drive local admin reduction and controlled elevation patterns that reduce risk without creating operational dead ends.
• Lead endpoint rollout readiness, including deployment sequencing, exception handling, user communication, rollback planning, and adoption metrics.
• Create an exception model with clear ownership, risk documentation, compensating controls, expiry, and review cadence.

Telemetry, Evidence & Reporting

• Define endpoint telemetry requirements to support investigations, detection engineering, audit evidence, and executive reporting.
• Build visibility into device security posture through dashboards covering coverage, stale devices, unmanaged endpoints, local admin status, and telemetry health.
• Measure progress through metrics such as coverage, unmanaged devices, local admin reduction, hardening compliance, and endpoint detection health.

KPIs

• Managed device coverage
• Reduction in stale and unmanaged endpoints
• Local admin reduction
• Hardening compliance and endpoint detection health

About You

• 7+ years in endpoint security, device management, enterprise security engineering, infrastructure security, or related engineering roles
• Hands-on experience securing Windows, macOS, and/or Linux endpoints in enterprise environments
• Experience with device management, endpoint detection, OS hardening, disk encryption, browser security, host firewalls, and endpoint telemetry
• Experience reducing standing local admin privileges or implementing controlled elevation models
• Strong scripting, automation, packaging, configuration, or endpoint workflow engineering skills
• Ability to balance strong endpoint controls with user experience, operational reliability, and business velocity
• Experience partnering with IT, identity, infrastructure, security operations, legal, privacy, and business stakeholders
• Experience securing high-risk engineering populations, data center support teams, privileged administrators, or remote-first workforces
• Experience using device posture in conditional access, privileged access, or production access decisions
• Experience producing audit-ready evidence for device controls and endpoint security posture

What we can offer you

At Nscale, you'll find a collaborative, supportive, and innovative environment where your contributions spark real impact. We're building something extraordinary, and we want you at the core.

• Highly competitive US compensation package (base + bonus + equity), with performance reviews every 12 months. 🚀
• Join one of the fastest-growing AI infrastructure companies — your chance to directly shape how global AI capacity is planned and deployed. ✨
• Expect a dynamic progression plan tailored to your ambitions. Grow by leading critical cross-functional initiatives and shaping capital strategy — always with our full support.
• Human-First Flexibility: We treat you as humans first. 🫶🏽 Our flexible workplace trusts Nscalers to deliver, giving you the autonomy to shape your day around life's moments.

Equal Opportunities Statement

We strongly encourage applications from people of colour, the LGBTQ+ community, people with disabilities, neurodivergent people, parents, carers, and people from lower socio-economic backgrounds.

If there’s anything we can do to accommodate your specific situation, please let us know.

The responsibilities outlined in this job description are not exhaustive and are intended to provide a general overview of the position. The employee may be required to perform additional duties, tasks, and responsibilities as assigned by management, consistent with the skills and qualifications required for the role.

For information on how Nscale handles candidate personal data, please see our Employee & Candidate Privacy Notice: Here.

Salary Range

The range below reflects the base salary for the position. Actual compensation may vary based on job-related factors such as skill set, experience, education, and location. In addition to base salary, this role may be eligible for bonus, equity, and/or commission programs. Nscale may offer a competitive benefits package including medical, dental, vision, flexible paid time off, parental leave, and retirement plan participation.

For information on how Nscale handles candidate personal data, please see our Employee & Candidate Privacy Notice: Here.