AI Cloud Security Operations Lead - Americas
Bitdeer offers cloud computing and AI cloud services with a focus on high-performance computing and data center management.
Funding
About Bitdeer
Bitdeer is a high-performance computing platform that provides cloud service solutions, including AI cloud instances, cloud computing, and data center management. It offers a range of services aimed at simplifying the deployment and management of GPU computing instances, cloud hosting, and hash rate markets for mining. Bitdeer's platform is designed to support users from start to finish, offering superior networking, exceptional GPU computing, and comprehensive AI toolkits for enterprise AI success.
Skills
About the Role
As Bitdeer AI Cloud's first dedicated hands-on security leader for the Americas, you will own the full-stack security and 7x24 security operations of AI Data Centers (AIDCs) across California, Tennessee, Washington, and future locations. This is a deeply hands-on technical operations role where you will personally lead detection engineering, incident response, and host/network hardening, while also handling US customer incident response, law enforcement requests, and cross-time-zone coordination with the Singapore HQ. Despite the 12-16 hour time difference with Singapore HQ, you will ensure the GPU compute business across three Americas AIDCs runs securely across physical, network, host, virtualization, and customer operations layers, while driving incident MTTR to industry-leading levels.
Requirements
- Bachelor's degree or higher in Computer Science, Cybersecurity, Computer Engineering, or a related technical field
- 10+ years of hands-on information security experience, with at least 5 years focused on cloud infrastructure / IaaS / data center security technical operations roles
- Deep incident response experience as an Incident Commander, having led at least 5 P0/P1 security incidents end-to-end
- Thoroughly familiar with the NIST SP 800-61 IR process
- Deep expertise in Linux system security, network protocols, TCP/IP, virtualization (KVM/QEMU), and container/Kubernetes security
- Hands-on experience with at least one mainstream SIEM platform (Wazuh / Splunk / Elastic SIEM / Sentinel)
- Ability to independently write detection rules and familiarity with SIGMA rule format
- Familiar with the MITRE ATT&CK Framework (Cloud Matrix and Container Matrix)
- Strong scripting and programming skills in Python and Shell; Go or Rust highly preferred
- Familiarity with the eBPF technology stack (Tetragon / Falco / Cilium)
- Familiarity with at least one IaC tool (Terraform / Ansible) and standard Git workflows
- At least one industry certification required: GCIH, GCIA, GCFA, OSCP, CISSP, CCSP
- Professional fluency in both English and Mandarin Chinese
- Willingness to accept irregular working hours and participate in a 7x24 on-call rotation
Responsibilities
- Serve as the primary on-call security lead for the Americas region
- Own 7x24 alert triage, incident response, and root cause analysis for AIDCs in CA, TN, WA, and beyond
- Act as the primary security decision-maker during Americas business hours when Singapore HQ is offline
- Personally drive the response to high-severity incidents (P0/P1) including GPU cluster cryptojacking, ransomware, data exfiltration, and tenant escape scenarios
- Lead the full forensics, containment, and recovery cycle
- Build and maintain Americas regional incident response playbooks and runbooks
- Collaborate with the global SecOps team on SIEM detection rules, SOAR automation, and IR tabletop exercises
- Lead customer security incident response and handle customer tickets
- Serve as the Americas escalation interface, coordinating decisions with Singapore HQ, Legal, and business teams during major incidents
- Write SIEM detection rules covering GPU cloud attack scenarios
- Design detection coverage assessments based on the MITRE ATT&CK Cloud Matrix and Container Matrix
- Lead hypothesis-driven threat hunting activities and conduct at least two structured hunting campaigns per month
- Design runtime detection capabilities using eBPF tools to complement traditional HIDS detection blind spots
- Operationalize detection-as-code practices including version-controlled detection rules, CI/CD pipelines, unit testing, and coverage metrics
- Lead pre-production security readiness assessments for all Americas AIDCs
- Personally drive host hardening initiatives including Linux baselines, auditd configuration, SSH hardening, and privileged account management
- Partner with the Platform Engineering team to deploy eBPF-based runtime security monitoring
- Track CVEs for NVIDIA GPU drivers, CUDA, NCCL, UFM, BMC firmware, and other critical components
- Lead the Americas regional vulnerability response and patch window negotiations
- Lead Americas regional IAM and privileged access management
- Lead the configuration and operations of perimeter firewalls, IPS, and WAF for all three Americas AIDCs
- Engage DDoS scrubbing services and build robust Americas regional DDoS response plans
- Establish east-west traffic baselines to identify anomalous traffic patterns
- Configure BGP RPKI, source address validation, and other network-layer security controls
- Plan and deploy traffic analysis solutions at Americas AIDCs
- Serve as the security incident response interface for Americas customers
- Handle US law enforcement requests including subpoenas, search warrants, and preservation orders
- Establish Americas regional customer security incident SLA tracking and post-incident review mechanisms
- Establish seamless security collaboration mechanisms between the Americas and Singapore HQ
- Serve as the Americas regional compliance support interface for SOC 2 US scope expansion
- Represent Bitdeer AI Cloud Security within local US security communities and industry events
