Security Analyst (Security Operations)
About Nscale
Nscale is the GPU cloud engineered for AI. We provide cost-effective, high-performance infrastructure for AI start-ups and large enterprise customers. Nscale enables AI-focused companies to achieve superior results by reducing the complexity of AI development. Our GPU cloud bolsters technical capabilities and directly supports strategic business outcomes, including cost management, rapid innovation, and environmental responsibility.
We thrive on a culture of relentless innovation, ownership, and accountability, where every team member takes pride in their work and drives it with excellence and urgency. As an Nscaler, you’ll build trust through openness and transparency, where everyone is inspired to do their best work. If you join our team, you’ll be contributing to building the technology that powers the future.
About the Role
We are hiring Security Analysts to run the daily security operations work that keeps Nscale protected.
This is a hands-on analyst role, one level below Staff, working across alert triage, incident investigation, escalation, evidence collection, response coordination, vulnerability follow-up, and operational reporting. The role connects closely with Incident Response, Cyber Defence, Enterprise Security, IT, Platform Engineering, identity, endpoint, vulnerability management, network security, GRC, and platform teams.
Security operations is where controls become real. This role helps ensure security events are investigated consistently, incidents are escalated quickly, and daily operational risks do not get lost in the noise. The right person will be curious, calm under pressure, technically practical, and comfortable working across endpoint, identity, SaaS, cloud, network, and production access signals.
What you'll be doing
Security alert triage and investigation
- Triage daily security alerts across endpoint, identity, SaaS, cloud, network, email, and infrastructure telemetry.
- Investigate suspicious activity, including user behavior, device activity, login events, access changes, exposed assets, and potential data leakage.
- Separate signal from noise and make clear judgments on when to keep investigating, when to escalate, and when to ask for help.
Incident response and escalation
- Escalate confirmed or high-risk events to Incident Response, Cyber Defence, Enterprise Security, IT, Platform Engineering, or other owners.
- Execute documented response actions such as host isolation requests, account review, access disablement recommendations, malicious domain blocking requests, evidence capture, and case routing.
- Build incident timelines, collect evidence, and write clear handoff notes.
- Support post-incident reviews, including missed opportunities in prevention, detection, response, and remediation.
Operational reporting and continuous improvement
- Produce daily and weekly operational reporting covering alert volumes, true positives, escalations, open cases, recurring issues, and response SLAs.
- Improve runbooks, investigation guides, alert tuning feedback, and automation opportunities.
- Identify recurring false positives, missing context, or weak handoff points and propose fixes.
- Follow up on vulnerabilities and exposures where daily operations identifies active risk, missing ownership, or overdue remediation.
First 90 days
- Learn Nscale’s security operations workflows, escalation paths, severity model, key systems, and evidence standards.
- Build fluency across the core telemetry sources used for endpoint, identity, SaaS, cloud, and infrastructure investigations.
- Triage and document daily alerts with clear findings, confidence level, and recommended next action.
- Improve at least three runbooks or investigation guides based on real operational friction.
- Support at least one tabletop, incident review, or readiness exercise.
- Contribute to a weekly security operations report that leadership can use to understand risk, workload, and operational quality.
KPIs
- Alert triage quality and timeliness
- Escalation accuracy and speed
- Investigation documentation quality
- Runbook, alert tuning, and automation improvements
About You
- 3+ years in security operations, incident response, threat monitoring, SOC analysis, detection triage, cloud security operations, or related roles.
- Experience investigating alerts from endpoint, identity, SaaS, cloud, email, network, or application telemetry.
- Understanding of common attacker techniques such as phishing, credential theft, suspicious login behavior, malware execution, command and control, privilege misuse, data exfiltration, and cloud misconfiguration.
- Ability to write clear investigation notes, timelines, case summaries, and escalation handoffs.
- Familiarity with incident response basics: severity, containment, eradication, recovery, evidence handling, and post-incident review.
- Comfort using query languages, logs, dashboards, case management systems, or security analytics tools.
- Strong judgment on when to keep investigating, when to escalate, and when to ask for help.
- Ability to work calmly during high-pressure security events.
- Experience in a high-growth technology, cloud, infrastructure, AI, regulated, or customer-trust-sensitive environment is a plus.
- Experience improving runbooks, automating repetitive tasks, reducing alert noise, threat hunting, MITRE ATT&CK, detection logic, or incident readiness exercises is a plus.
What we can offer you
At Nscale, you'll find a collaborative, supportive, and innovative environment where your contributions spark real impact. We're building something extraordinary, and we want you at the core.
- Highly competitive US compensation package (base + bonus + equity), with performance reviews every 12 months. 🚀
- Join one of the fastest-growing AI infrastructure companies — your chance to directly shape how global AI capacity is planned and deployed. ✨
- Expect a dynamic progression plan tailored to your ambitions. Grow by leading critical cross-functional initiatives and shaping capital strategy — always with our full support.
- Human-First Flexibility: We treat you as humans first. 🫶🏽 Our flexible workplace trusts Nscalers to deliver, giving you the autonomy to shape your day around life's moments.
Equal Opportunities Statement
We strongly encourage applications from people of colour, the LGBTQ+ community, people with disabilities, neurodivergent people, parents, carers, and people from lower socio-economic backgrounds.
If there’s anything we can do to accommodate your specific situation, please let us know.
The responsibilities outlined in this job description are not exhaustive and are intended to provide a general overview of the position. The employee may be required to perform additional duties, tasks, and responsibilities as assigned by management, consistent with the skills and qualifications required for the role.
For information on how Nscale handles candidate personal data, please see our Employee & Candidate Privacy Notice: Here.
Salary Range
The range below reflects the base salary for the position. Actual compensation may vary based on job-related factors such as skill set, experience, education, and location. In addition to base salary, this role may be eligible for bonus, equity, and/or commission programs. Nscale may offer a competitive benefits package including medical, dental, vision, flexible paid time off, parental leave, and retirement plan participation.
The range below reflects the base salary for the position. Actual compensation may vary based on job-related factors such as skill set, experience, education, and location. In addition to base salary, this role may be eligible for bonus, equity, and/or commission programs. Nscale may offer a competitive benefits package including medical, dental, vision, flexible paid time off, parental leave, and retirement plan participation.
Salary Range
$100,000 - $130,000 USD
For information on how Nscale handles candidate personal data, please see our Employee & Candidate Privacy Notice: Here.
Apply for this job
*
indicates a required field
