Senior Information Security Engineer

NVIDIA is looking for a Senior Information Security Engineer to help teams develop applications according to secure-by-design principles. This includes consulting during initial product design and reviewing the implementation for security deficiencies using techniques such as manual testing and code reviews. The Senior Engineer will also assess the overall product portfolio for application flaw trends and develop educational campaigns around mitigation and prevention of these flaws in the future. This role also entails working closely with development teams, devops teams, and other collaborators to build a culture of security and continuous improvement.What you'll be doing:Coordinating with other security teams across NVIDIA to develop consistent secure SDLC processesConducting lifecycle-appropriate security assessments throughout the SDLC, such as code reviews or static and dynamic application security testing, as appropriateProviding consultation to development teams for how to address specific vulnerabilitiesAssisting teams with understanding vulnerability scan results and corresponding remediation or mitigation optionsAssessing vulnerability trends for ways to scale mitigation and risk reductionLeading discussions, leverage domain expertise, and collaborate with partners across Omniverse to influence decision-making processesStaying ahead of emerging threats and vulnerabilities and helping develop processes to address themCollaborating with partner teams to establish and report on key performance indicators related to application securityWhat we need to see:Bachelor's degree in computer science, information technology, or related field or equivalent experience6+ years of experience in software development or related field4+ years of experience in application securityExperience evaluating historical findings for opportunities to reduce broad vulnerability classes in new product releasesExperience building software in any languages such as C, C++, Java, or RustBackground with static, dynamic, and container scanning tools such as Checkmarx, Coverity, Qualys, Snyk, or AnchoreExperience with REST APIs Familiarity with DevOps and agile development methodologiesBackground with secure coding practices and software security architectureWays to stand out from the crowd:Experience with bug bounty submissions or open source software contributionsSolid knowledge and hands-on experience in Vault capabilities, with the ability to customize it for different patterns of workloads and workflowsHands-on experience with cloud security tools and technologies, such as Prisma or AquaKnowledge of security frameworks and compliance standards (e.g., ISO 27001, SOC, TISAX)One or more security certifications (CISSP, SSCP, CSSP, CEH, Security+, etc.)With highly competitive salaries and a comprehensive benefits package, NVIDIA is widely considered to be one of the technology world's most desirable employers. We have some of the most hard-working and dedicated people on the planet working for us and, due to unprecedented growth, our company is growing fast. If you're creative and have a genuine passion for technology, we want to hear from you.The base salary range is $160,000 - $304,750. Your base salary will be determined based on your location, experience, and the pay of employees in similar positions.You will also be eligible for equity and benefits.NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.