Datadog provides cloud-scale monitoring and security for metrics, traces and logs in one unified platform.
Staff Software Engineer – K9 Security
Location: France
Posted: 5 days ago
Salary: 0
Seniority: Lead
Job Description
- Lead the architecture and development of security agent capabilities that power runtime threat detection and workload protection across Datadog Security products.
- Design and build reusable eBPF-based monitoring functionality for process, file, and network visibility within Linux environments.
- Drive end-to-end delivery of new features, from technical strategy and design through implementation, testing, and rollout.
- Establish and evolve testing methodologies that improve platform coverage, detection quality, reliability, and performance.
- Partner with product, security, infrastructure, and engineering teams to deliver shared platform capabilities used across multiple Datadog products.
- Provide technical leadership by influencing engineering direction, mentoring peers, and helping resolve complex cross-functional challenges.
Job Requirements
- Significant experience building software in Linux environments
- Knowledge of Linux internals, kernel APIs, or systems programming
- Hands-on experience with eBPF, kernel-level instrumentation, driver development, networking systems, agent development, or related low-level technologies
- Experience building and maintaining production software across diverse Linux distributions and kernel versions
- Product-minded and customer-focused, balancing technical excellence with customer impact and usability
- Demonstrated technical leadership, influencing architecture and execution across teams and communicating effectively with both technical and non-technical stakeholders.
Benefits
- New hire stock equity (RSUs) and employee stock purchase plan (ESPP)
- Continuous professional development, product training, and career pathing
- Intradepartmental mentor and buddy program for in-house networking
- An inclusive company culture, ability to join our Community Guilds (Datadog employee resource groups)
- Competitive global benefits
- Giving programs
More Security Engineer Jobs
Role Description
The Web Developer Security Engineer protects mission-critical web applications, application programming interfaces (APIs), and sensitive data by embedding security across the software development lifecycle. This role combines application security engineering, secure software development, vulnerability remediation, monitoring, and compliance support.
Qualifications
- Minimum of three years of experience in web application security, application security engineering, or secure software development lifecycle work.
- Hands-on experience in secure software development, DevSecOps automation, and vulnerability remediation.
- Proven experience with .NET technologies, HTML5, CSS3, JavaScript, representational state transfer (REST) APIs, and structured query language (SQL).
- Ability to leverage AI-assisted development tools and scripting languages to automate monitoring and compliance efforts.
- Strong understanding of the Open Worldwide Application Security Project (OWASP) Top 10, secure coding standards, web application firewalls (WAFs), file integrity monitoring, and security testing tools.
- Ability to perform risk assessments and provide remediation guidance for core systems and dependencies.
- Bachelor's degree or higher in computer science, cybersecurity, information systems, engineering, or a related field.
- Ability to meet federal screening and suitability requirements prior to start.
- Current security certifications maintained for a minimum of five years, spanning application security (such as CSSLP, GWEB, or CASE), offensive security (such as OSWE or OSCP), and foundational security (such as Security+ or GSEC); expired or never-used certifications will not be considered.
Requirements
- Identify, analyze, and remediate critical vulnerabilities, logic flaws, insecure dependencies, and misconfigurations in web applications and APIs.
- Drive the vulnerability lifecycle through threat modeling, security assessments, and technical validation of remediation actions.
- Support secure design patterns, data protection mechanisms, and secure communication protocols across applications and supporting services.
- Review and analyze web server and application logs to detect anomalies and indicators of compromise.
- Implement automation scripts for threat intelligence integration and application security monitoring.
- Participate in audits, risk assessments, and security authorization activities tied to federal frameworks.
Company Description
Staff Security Engineer - Security Data, Detection and Automation
Nscale
Nscale is the Hyperscaler engineered for AI.
Role Description
We are hiring a Senior Staff Engineer - Security Data, Detection and Automation to build the telemetry, detection, response automation, case-quality metrics, and reporting foundation for an increasingly Nscale-owned SOC capability. This role sits at the intersection of security engineering, data engineering, detection engineering, and security operations. You will work across endpoint, identity, SaaS, cloud, network, vulnerability, and production access domains, partnering closely with security leadership as well as adjacent teams shaping identity and vulnerability management requirements.
Your impact will be strategic and measurable. The focus is not to create more alerts, but to turn raw telemetry into reliable, explainable, high-signal security outcomes that strengthen internal ownership of detection logic, containment decisions, runbooks, executive metrics, case quality, and automation.
What you'll be doing
- Security Telemetry and Data Foundations
  - Design security telemetry architecture across various domains.
  - Build a telemetry source map covering ownership, data quality, retention, coverage, priority use cases, and known gaps.
  - Establish data quality, parser quality, ingestion health, field normalization, and source ownership standards.
  - Create daily source-health reporting and scoring for SIEM or security analytics data quality.
- Detection Engineering and Threat Coverage
  - Own the detection engineering lifecycle from hypothesis and data source selection through logic, testing, tuning, ownership, runbook, expiry, and metrics.
  - Define high-value detection use cases across various domains.
  - Develop detections with documented test logic, runbooks, data dependencies, and case-quality criteria.
  - Apply TTP-led threat modeling across various risk scenarios.
  - Validate detection coverage through attack simulation or other coverage-testing approaches.
- Automation and Operational Improvement
  - Build SOAR and automation workflows that enrich alerts, suppress low-value noise, route cases, and improve analyst decision-making.
  - Design scalable data pipelines, enrichment flows, and automations that improve operational quality.
  - Implement detection-as-code or version-controlled detection content where practical.
  - Use automation to improve the consistency, explainability, and actionability of security outcomes.
- SOC Performance and Reporting
  - Measure MDR/SOC performance using case-quality metrics.
  - Create a MDR/SOC case-quality review loop for internal and external stakeholders.
  - Produce security dashboards and executive reporting that connect security operations to measurable risk reduction.
  - Improve alert explainability for analysts and leaders.
- Cross-Functional Partnership
  - Partner with security leadership to strengthen internal ownership of detection logic, containment decisions, runbooks, executive metrics, and automation.
  - Collaborate with Identity and Vulnerability Management hires to define detection requirements.
  - Connect engineering and operational stakeholders around shared standards.
Qualifications
- 8+ years in detection engineering, security data engineering, SIEM engineering, security automation, incident response engineering, or similar roles.
- Strong hands-on experience with SIEM, security analytics, log management, or detection platforms.
- Strong ability in coding, scripting, querying, or detection-content development.
- Experience building detection logic from various telemetry sources.
- Experience with detection testing, threat hunting, incident response, alert tuning, and runbook development.
- Ability to design scalable data pipelines, enrichment flows, or automations.
- Strong understanding of attacker TTPs, MITRE ATT&CK, identity attacks, cloud attacks, endpoint telemetry, and insider-threat indicators.
- Experience with SOAR, case management, detection-as-code, GitOps, CI/CD, or automated detection testing is preferred.
- Experience measuring MDR, SOC, or managed detection provider performance is preferred.
- Experience using AI or agentic workflows to improve triage, enrichment, investigation, or detection validation with guardrails is preferred.
Benefits
- Highly competitive US compensation package (base + bonus + equity), with performance reviews every 12 months.
- Join one of the fastest-growing AI infrastructure companies.
- Expect a dynamic progression plan tailored to your ambitions.
- Human-First Flexibility: A flexible workplace that trusts Nscalers to deliver.
Equal Opportunities Statement
We strongly encourage applications from people of colour, the LGBTQ+ community, people with disabilities, neurodivergent people, parents, carers, and people from lower socio-economic backgrounds. If there’s anything we can do to accommodate your specific situation, please let us know.
Role Description
We’re hiring a Staff Security Engineer focused on Privileged Access and Access Automation to build Nscale’s privileged access operating model across enterprise systems, SaaS administration, infrastructure, production environments, source control, data platforms, and emergency access paths. This role sits inside the identity control plane and is intentionally execution-focused. You’ll work across Identity, Endpoint, Security Data, Network Security, Platform Engineering, IT, and service owners to turn privileged access into a practical engineering mechanism with:
- Request, approval, justification
- Time-bound elevation
- Session or event evidence
- Automated revocation
- Break-glass
- Clean audit trails
This role is critical because standing privilege is one of the highest-risk patterns in a fast-growing infrastructure company. Your work will help make privileged access secure, fast, measurable, and recoverable so engineers can move quickly without relying on manual reviews, tribal knowledge, or permanent admin rights.
Qualifications
- 7+ years in identity security, privileged access, security engineering, infrastructure security, or related engineering roles
- Hands-on experience designing or operating privileged access, JIT, break-glass, access request, approval, or access review workflows
- Strong understanding of authentication, authorization, RBAC, SSO, MFA, access governance, admin tiering, and least privilege
- Experience automating access workflows, entitlement cleanup, evidence collection, or revocation processes
- Strong scripting, workflow automation, API integration, or platform engineering skills
- Ability to translate access risk into practical controls that engineering and operations teams will adopt
- Ability to work across enterprise systems, production environments, SaaS platforms, IT, infrastructure, and compliance stakeholders
- Experience with service accounts, non-human identities, workload identities, API tokens, automation accounts, or secrets governance
- Experience securing production access, source control administration, data platforms, cloud administration, or endpoint admin workflows
- Experience designing access evidence for audit, customer assurance, or incident response
Requirements
- Build privileged access workflows across enterprise SaaS admin roles, production systems, cloud consoles, infrastructure management systems, source control, data platforms, endpoint admin, and emergency access paths
- Design access patterns that support request, approval, justification, time-bound elevation, and automated revocation
- Define practical controls that reduce reliance on permanent admin rights across high-risk environments
- Establish clean audit trails for privileged access activity across critical systems
- Implement JIT access patterns with approval, justification, expiry, revocation, and evidence collection
- Create a privileged access baseline that defines who can approve access, what justification is required, how long access lasts, what evidence is captured, and how revocation works
- Own exception governance for access paths that cannot yet meet the standard
- Drive entitlement cleanup and stale privilege reduction through automation
- Design break-glass access standards, ownership models, monitoring, and recovery procedures
- Test emergency access workflows and validate break-glass readiness
- Develop a tiering model for privileged access covering Tier 0 and Tier 1 systems, admin paths, sensitive groups, service-owner roles, and high-risk workflows
- Identify the top 10 highest-risk standing privileges and create remediation paths
- Define privileged access telemetry requirements for detection, investigations, audit, compliance, and executive reporting
- Partner with Security Data to establish privileged access detections and source-health requirements
- Track metrics including standing privilege reduction, JIT adoption, stale admin cleanup, break-glass test success, approval SLA, and access review closure
- Build an inventory of top admin paths, owners, approvers, access methods, logging, expiry, and current risk
Benefits
- Highly competitive US compensation package (base + bonus + equity), with performance reviews every 12 months.
- Join one of the fastest-growing AI infrastructure companies — your chance to directly shape how global AI capacity is planned and deployed.
- Expect a dynamic progression plan tailored to your ambitions.
- Human-First Flexibility: We treat you as humans first. Our flexible workplace trusts Nscalers to deliver, giving you the autonomy to shape your day around life's moments.
Equal Opportunities Statement
We strongly encourage applications from people of colour, the LGBTQ+ community, people with disabilities, neurodivergent people, parents, carers, and people from lower socio-economic backgrounds. If there’s anything we can do to accommodate your specific situation, please let us know.
Role Description
We’re hiring a Staff Security Engineer focused on Endpoint and Device Security to build and operate the endpoint and device security foundation for Nscale employees, engineers, data center staff, and privileged operators. This is a hands-on engineering role centered on turning endpoint security from a collection of tools and policies into a measurable operating model. You’ll work across employee laptops and workstations, engineering endpoints, privileged admin devices, and site-support devices, partnering closely with IT, Identity, Infrastructure, Security Operations, Legal, Privacy, and business stakeholders to design controls that are secure, reliable, and workable in practice.
This role is critical because endpoint and device security is one of the fastest ways to reduce enterprise risk without slowing the business down. Your work will drive stronger managed-device coverage, hardened baselines, local admin reduction, healthier telemetry, and clearer evidence that device risk is going down across the organization.
What you'll be doing
- Architecture & Standards
  - Own endpoint and device security architecture across employee devices, engineering workstations, privileged admin devices, and site-support endpoints.
  - Define secure baseline standards for operating systems, browsers, disk encryption, host firewalls, endpoint telemetry, and configuration hardening.
  - Develop practical device standards for remote workers, office users, data center staff, contractors, and high-risk user populations.
- Access & Security Integration
  - Establish device posture requirements for access to enterprise applications, production systems, privileged workflows, and sensitive data.
  - Integrate endpoint posture with identity, privileged access, vulnerability management, and detection workflows.
  - Partner with Identity and Privileged Access teams to support high-risk application and production access decisions.
- Privilege Reduction & Endpoint Operations
  - Drive local admin reduction and controlled elevation patterns that reduce risk without creating operational dead ends.
  - Lead endpoint rollout readiness, including deployment sequencing, exception handling, user communication, rollback planning, and adoption metrics.
  - Create an exception model with clear ownership, risk documentation, compensating controls, expiry, and review cadence.
- Telemetry, Evidence & Reporting
  - Define endpoint telemetry requirements to support investigations, detection engineering, audit evidence, and executive reporting.
  - Build visibility into device security posture through dashboards covering coverage, stale devices, unmanaged endpoints, local admin status, and telemetry health.
  - Measure progress through metrics such as coverage, unmanaged devices, local admin reduction, hardening compliance, and endpoint detection health.
KPIs
- Managed device coverage
- Reduction in stale and unmanaged endpoints
- Local admin reduction
- Hardening compliance and endpoint detection health
Qualifications
- 7+ years in endpoint security, device management, enterprise security engineering, infrastructure security, or related engineering roles
- Hands-on experience securing Windows, macOS, and/or Linux endpoints in enterprise environments
- Experience with device management, endpoint detection, OS hardening, disk encryption, browser security, host firewalls, and endpoint telemetry
- Experience reducing standing local admin privileges or implementing controlled elevation models
- Strong scripting, automation, packaging, configuration, or endpoint workflow engineering skills
- Ability to balance strong endpoint controls with user experience, operational reliability, and business velocity
- Experience partnering with IT, identity, infrastructure, security operations, legal, privacy, and business stakeholders
- Experience securing high-risk engineering populations, data center support teams, privileged administrators, or remote-first workforces
- Experience using device posture in conditional access, privileged access, or production access decisions
- Experience producing audit-ready evidence for device controls and endpoint security posture
Benefits
- Highly competitive US compensation package (base + bonus + equity), with performance reviews every 12 months.
- Join one of the fastest-growing AI infrastructure companies — your chance to directly shape how global AI capacity is planned and deployed.
- Expect a dynamic progression plan tailored to your ambitions. Grow by leading critical cross-functional initiatives and shaping capital strategy — always with our full support.
- Human-First Flexibility: We treat you as humans first. Our flexible workplace trusts Nscalers to deliver, giving you the autonomy to shape your day around life's moments.

