NVIDIA’s Product Security Incident Response Team (PSIRT) is looking for a passionate and innovative Technical Program Manager (TPM) to help us elevate our program to the next level. The TPM’s main focus will be vulnerability management/remediation in NVIDIA’s products and participation in incident response activities. The ideal candidate will improve NVIDIA’s internal software security response procedures, prioritize both public and internal vulnerability remediation, and collaborate with engineering teams to handle the end-to-end resolution of issues. Products can include GPUs, cloud software, AI/ML, enterprise servers, automotive components, embedded devices, and many others. Expertise in these areas is not required, but flexibility and a wide comprehension of device usage and requirements are desirable.

As an NVIDIAN, you will be immersed in a diverse, supportive environment where everyone is encouraged to do their life’s work. Come join the team and see how you can make a lasting impact on the world!

What you’ll be doing:
- Craft and implement PSIRT processes and program improvements to elevate NVIDIA’s vulnerability handling and incident response capabilities
- Handle the receipt, resolution, and disclosure of security vulnerabilities across NVIDIA product lines
- Engage directly with virtual security teams, engineering partners, and internal support teams to drive issues to long-term resolution
- Communicate status of PSIRT involvement at all levels of management, both internal and external
- Draft publications for the security vulnerability disclosures as well as lower-severity security-impacting defects
- Champion continuous improvement efforts related to security activities across NVIDIA
- Engage with the broader industry security community and stay at the forefront of industry security trends and requirements

What we need to see:
- Quickly scale knowledge while being mentored by leaders
- Ability to understand technical issues at a high level on a wide range of topics
- Leadership skills to step up and identify resolutions that are best for NVIDIA and its customers, even if that means going beyond the initial ask
- Effective written and verbal communication regardless of audience or issue complexity
- Ability to work cross-functionally and remotely with other teams to accomplish sophisticated goals
- Experience with some of the following standards or processes: CVSS, CWE, SDLC, SBOM, VEX, CSAF, threat modeling
- Knowledge of industry practices for responsible disclosure of security threats and product vulnerabilities
- BS/BA degree or equivalent experience
- 5+ years in a Program or Project Management field
- 8+ years of relevant security experience

Ways to stand out from the crowd:
- Proven experience driving customer-facing issues (security preferred) effectively and efficiently
- Experience in a previous PSIRT, security development lifecycle (SDL), or bug bounty management role
- Understanding of software release processes, e.g. Agile, Unit Testing, etc.
- Ability to write SQL scripts, experience with REST APIs, or build reporting dashboards

The base salary range is 156,000 USD - 299,000 USD. Your base salary will be determined based on your location, experience, and the pay of employees in similar positions.

You will also be eligible for equity and benefits. NVIDIA accepts applications on an ongoing basis.

NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.