Senior Staff Security Engineer - Network Security
AMER
Nscale is the GPU cloud engineered for AI. We provide cost-effective, high-performance infrastructure for AI start-ups and large enterprise customers. Nscale enables AI-focused companies to achieve superior results by reducing the complexity of AI development. Our GPU cloud bolsters technical capabilities and directly supports strategic business outcomes, including cost management, rapid innovation, and environmental responsibility.
We thrive on a culture of relentless innovation, ownership, and accountability, where every team member takes pride in their work and drives it with excellence and urgency. As an Nscaler, you'll build trust through openness and transparency, where everyone is inspired to do their best work. If you join our team, you'll be contributing to building the technology that powers the future.
About the Role
We're hiring a Staff Security Engineer - Network Security to define and implement the network security patterns that keep Nscale's corporate, OT/BMS, production management, customer management, telemetry, and internet access paths separated, observable, and secure.
This role sits at the intersection of security, infrastructure, facilities, IT, platform engineering, security operations, physical security, and third‐party providers. You'll work across data centers, colocation sites, office environments, and production management networks, reviewing designs before hardware and implementation decisions are locked and creating repeatable baselines that support fast deployment in real‐world conditions.
Your work will help Nscale avoid one‐off network security decisions at each new site build. By establishing clear trust boundaries, segmentation patterns, and practical standards, you'll enable the business to move quickly while reducing the risk of corporate networks becoming accidental privileged access zones and ensuring operational networks have the controls they need.
What you'll be doing
Reference architecture and trust boundaries
Define data center network security reference architecture across corporate internet access, OT/BMS, production management, customer management, telemetry, and site operations networks.
Establish trust‐boundary decisions that determine which networks are untrusted, which are privileged, and which flows are explicitly required.
Translate network diagrams into trust boundaries, required flows, security controls, monitoring requirements, and risk decisions.
Create a clear policy position that corporate site networks provide internet access and do not become privileged access zones by default.
Segmentation, controls, and secure access
Design segmentation patterns, firewall policy principles, routing controls, and network access control requirements for high‐risk paths.
Define when network access control is required, optional, or unnecessary based on trust zone, user population, asset class, and operational risk.
Prevent fragile controls such as IP‐based trust from replacing strong identity, device posture, application‐layer authentication, and explicit authorization.
Specify requirements for local safety‐critical telemetry paths where latency, availability, or physical operations make remote‐only dependencies unacceptable.
Design review and deployment standards
Review new data center, colocation, office, and site network designs before implementation choices are finalized.
Assess urgent network designs and identify decisions that must be approved, changed, or accepted with compensating controls.
Set security standards for third‐party network providers, installation partners, managed service providers, and data center specialists.
Build reusable design checklists, diagrams, and decision records for future site builds.
Telemetry, monitoring, and cross‐functional partnership
Define network telemetry, logging, and detection requirements across corporate, OT/BMS, production management, and internet‐edge paths.
Partner with Identity and Security Data to ensure network access depends on strong authentication and produces usable telemetry.
Collaborate with cross‐functional teams to balance security, operational safety, availability, and deployment speed.
Support practical security decisions in environments with fast hardware timelines, incomplete designs, and third‐party dependencies.
KPIs
Current‐state network trust‐boundary map completed
Minimum security baseline for new data center deployments defined
Urgent network design reviews completed before implementation lock‐in
Usable network telemetry and logging coverage across key network domains
About You
8+ years of experience in network security, data center networking, infrastructure security, enterprise network engineering, or related engineering roles
Deep hands‐on experience with routing, switching, segmentation, firewalls, internet edge, WAN, remote access, wireless, and network troubleshooting
Experience designing or reviewing secure networks across data centers, colocation sites, offices, production environments, or globally distributed infrastructure
Experience securing OT, BMS, industrial, facilities, or other operational networks where safety, availability, and local control matter
Strong understanding of zero‐trust principles, identity‐aware access, least privilege, explicit authorization, and the limits of network location‐based trust
Ability to translate network diagrams into trust boundaries, required flows, security controls, monitoring requirements, and risk decisions
Ability to work effectively with infrastructure, facilities, IT, platform engineering, security operations, physical security, and third‐party providers
Experience building reusable network security standards, design review processes, and deployment gates
Strong judgment in real‐world environments with incomplete designs, urgent timelines, and complex trust‐boundary decisions
Preferred exposure to AI infrastructure, GPU clusters, high‐performance computing, sovereign infrastructure, or hyperscale data center environments
What we can offer you
At Nscale, you'll find a collaborative, supportive, and innovative environment where your contributions spark real impact. We're building something extraordinary, and we want you at the core.
Highly competitive US compensation package (base + bonus + equity), with performance reviews every 12 months.
Join one of the fastest‐growing AI infrastructure companies — your chance to directly shape how global AI capacity is planned and deployed.
Expect a dynamic progression plan tailored to your ambitions. Grow by leading critical cross‐functional initiatives and shaping capital strategy — always with our full support.
Human‐First Flexibility: We treat you as humans first. Our flexible workplace trusts Nscalers to deliver, giving you the autonomy to shape your day around life's moments.
We strongly encourage applications from people of colour, the LGBTQ+ community, people with disabilities, neurodivergent people, parents, carers, and people from lower socio‐economic backgrounds.
The responsibilities outlined in this job description are not exhaustive and are intended to provide a general overview of the position. The employee may be required to perform additional duties, tasks, and responsibilities as assigned by management, consistent with the skills and qualifications required for the role.
Salary Range
The range below reflects the base salary for the position. Actual compensation may vary based on job‐related factors such as skill set, experience, education, and location. In addition to base salary, this role may be eligible for bonus, equity, and/or commission programs. Nscale may offer a competitive benefits package including medical, dental, vision, flexible paid time off, parental leave, and retirement plan participation.
$220,000 - $280,000 USD
For information on how Nscale handles candidate personal data, please see our Employee & Candidate Privacy Notice: Here.
#J-18808-Ljbffr