• Live by the NuHarbor corporate values: Help Clients Win, Always Improve, Protect the House. • Own investigations end-to-end from initial alert through root cause analysis and client-ready written narrative. • Correlate across SIEM, EDR, and identity telemetry to identify missed alerts. • Support the Security Analyst team with alert triage and escalation within SLA requirements. • Communicate proactively with the Security Operations Manager on active threats and escalations. • Produce ticket documentation without editorial cleanup. • Remain current on emerging threats, CVEs, and attacker techniques. • Train, mentor, and support junior analysts. • Review escalations prior to client delivery, ensuring documentation quality.

Role Description We’re hiring a Staff Security Engineer, Detection Platform to design and scale Nscale’s detection and response capabilities. In this high-impact engineering role, you will build the systems and logic that power how we detect and respond to threats across infrastructure, endpoints, cloud, and enterprise environments. The role sits at the intersection of security engineering, security operations, and incident response, with close collaboration across teams to improve alert usability, investigation workflows, and overall operational effectiveness. You’ll play a strategic role in strengthening Nscale’s security posture by building scalable, reliable detection systems, improving signal quality, and automating response. This work is central to helping the organization detect threats faster, reduce manual effort, and continuously improve coverage and fidelity as our environment evolves. This role will be part of the global CISO organization. What you'll be doing - Detection Engineering - Design detection logic and alerting across infrastructure, cloud, endpoint, and SaaS environments. - Develop and maintain high-fidelity detection rules based on threat intelligence and known attack patterns. - Tune detection systems continuously to improve coverage and reduce false positives. - Build tooling and infrastructure to support threat hunting and proactive detection. - Platform & Pipeline Development - Build and scale SIEM pipelines for log ingestion, normalization, enrichment, and correlation. - Work with log data at scale to improve the reliability and usability of detection systems. - Support scalable security systems that operate across modern infrastructure environments. - Automation & AI-Driven Response - Implement response automation using SOAR platforms or custom workflows to reduce manual effort. - Integrate AI and machine learning techniques to improve signal quality, anomaly detection, and alert triage. - Optimize automated workflows to help reduce response time and improve operational efficiency. - Cross-Functional Security Operations - Partner with Security Operations to improve alert prioritization, usability, and investigation workflows. - Collaborate with Incident Response to support investigations and drive detection improvements. - Influence detection strategy and system direction at a Staff level across teams. - Measurement & Continuous Improvement - Establish detection metrics such as coverage, fidelity, and time to detect. - Track platform performance to identify gaps and guide ongoing improvements. - Use operational insights to strengthen detection quality and response effectiveness over time. KPIs - Detection coverage - Detection fidelity - Time to detect - Reduction in false positives Qualifications - 8+ years of experience in security engineering, detection engineering, or security operations. - Strong experience building SIEM pipelines and detection systems using tools such as Splunk, Elastic, or Chronicle. - Hands-on experience writing detection rules and working with log data at scale. - Experience with SOAR platforms or security automation frameworks. - Familiarity with cloud environments such as AWS, GCP, or Azure and modern infrastructure. - Strong understanding of MITRE ATT&CK, attack techniques, and adversary behavior. - Experience integrating or leveraging AI/ML techniques for detection or triage. - Ability to operate at a Staff level, with ownership of systems, technical direction-setting, and cross-functional influence. - Experience in high-scale or infrastructure-heavy environments is a plus. - Background in threat hunting, incident response, custom detection platforms, security tooling, streaming data pipelines, or AI/ML workloads is a plus. Benefits - Highly competitive US compensation package (base + bonus + equity), with performance reviews every 12 months. - Join one of the fastest-growing AI infrastructure companies — your chance to directly shape how global AI capacity is planned and deployed. - Expect a dynamic progression plan tailored to your ambitions. Grow by leading critical cross-functional initiatives and shaping capital strategy — always with our full support. - Human-First Flexibility: We treat you as humans first. Our flexible workplace trusts Nscalers to deliver, giving you the autonomy to shape your day around life's moments.

• Own enterprise-wide security incident response —ensure the team can detect, triage, contain, eradicate, and recover from incidents across cloud, on-prem, SaaS, and endpoint environments with speed and precision. • Maintain and continuously improve the incident response plan, playbooks, escalation procedures, and communication templates, ensuring they are tested, current, and aligned to NIST CSF 2.0. • Serve as incident commander or executive sponsor for high-severity incidents; make real-time decisions on containment and remediation under pressure. • Drive post-incident reviews that produce actionable findings, root-cause analysis, and measurable improvements—not just documentation. • Coordinate threat response across US and India teams, ensuring consistent coverage, quality, and process regardless of geography. • Partner with Legal & Privacy throughout the incident response lifecycle—ensuring timely notification assessments, evidence preservation, regulatory reporting obligations, and litigation hold requirements are met in coordination with response activities. • Own the security and IT tooling portfolio across the company: endpoint management (MDM, EDR), identity infrastructure, SIEM/SOAR, network security, vulnerability scanning, email security, cloud security posture management, and related platforms. • Build and maintain operational metrics and dashboards that provide the CISO and leadership with clear visibility into incident trends, MTTD/MTTR, tool health, SLA performance, and infrastructure posture.

Role Description Buscamos um(a) Analista de Segurança da Informação para atuar na construção e evolução da operação de Cloud Security e SecOps, com foco em ambientes AWS e monitoramento de segurança utilizando Wazuh. Nossos clientes são empresas do segmento de meios eletrônicos de pagamento e serviços financeiros, em um momento estratégico de expansão e fortalecimento da operação de segurança. Qualifications - Experiência mínima de 4 anos em Segurança da Informação. - Pelo menos 2 anos atuando com AWS Security. - Experiência prática com: - Security Hub - GuardDuty - CloudTrail - CloudWatch - IAM - Config - Macie - VPC - AWS WAF - Experiência com Wazuh (configuração, integrações e regras customizadas). - Conhecimentos sólidos em IAM e Governança de Acessos. - Experiência com Microsoft Entra ID (Azure AD) e Active Directory. - Perfil autônomo, colaborativo e adaptado ao modelo remoto. Requirements - Experiência em fintechs ou instituições financeiras. - Conhecimento em LGPD, BACEN, ISO 27001 e NIST. - Certificações AWS e Security. Benefits - CLT + Benefícios - Cartão Flexível: R$ 770/mês - Plano de Saúde Bradesco (sem mensalidade, apenas coparticipação) - Assistência Odontológica MetLife - Seguro de Vida - Trabalho 100% Remoto Challenges - Estruturar e evoluir o monitoramento de segurança em ambiente AWS. - Integrar ativos AWS ao Wazuh. - Atuar com Security Hub, GuardDuty, CloudTrail, CloudWatch, IAM, Macie e WAF. - Implementar e otimizar controles de Cloud Security. - Apoiar processos de resposta a incidentes e gestão de vulnerabilidades. - Administrar Microsoft Entra ID (Azure AD) e Active Directory.