NVIDIA's Product Security Incident Response Team (PSIRT) needs a Technical Program Manager to help us manage vulnerability remediation in NVIDIA's products, participate in incident response activities, and enable automation. The ideal candidate will improve NVIDIA's internal software security response procedures, prioritize both public and internal vulnerabilities, and collaborate across teams to handle the end-to-end resolution of issues. Products can include GPUs, automotive components, and embedded devices; expertise in these areas is not required, but flexibility and a wide comprehension of device usage and requirements is desirable.
As an NVIDIAN, you'll be immersed in a diverse, supportive environment in which everyone is inspired to do their life's work. Come join the team and see how we can work together to make a lasting impact on the world!
Want more jobs like this?
Get jobs delivered to your inbox every week.
What you'll be doing:
- Work with the PSIRT team to craft, implement, and improve processes and to lead NVIDIA's vulnerability handling capabilities
- Develop and enhance PSIRT tools and automation scripts, primarily using Python, to streamline vulnerability handling processes, define feature roadmaps, and create requirements for supporting new or improved processes.
- Collaborate with NVIDIA's Security Tools Team to prioritize requirements and drive completion of essential features.
- Manage and resolve reported security vulnerabilities by engaging with researchers, partners, and internal teams, while recommending and implementing improvements to prevent issue recurrence.
- Document and maintain process flows and develop continuous improvement strategies for Bug Bounty programs.
- Communicate PSIRT involvement and draft security disclosures at all leadership levels, while championing continuous improvement in security activities.
- Actively participate in cyber-operations as part of a broader team to shape and strengthen the organization's security culture.
What we need to see:
- Ability to scale knowledge quickly with mentorship.
- Effective written and verbal communication skills.
- Ability to work cross-functionally and remotely with other teams.
- BS/BA degree or equivalent experience.
- 8+ years of experience.
- Proficiency in Python or similar programming languages and experience with security development lifecycle
Ways to stand out from the crowd:
- Knowledge of containerization tools like Docker and orchestration tools like Kubernetes
- Understanding of CI/CD pipelines and tools
- Project management experience
- Experience in a previous PSIRT, security development lifecycle (SDL), or bug bounty management role
- Understanding of Software Vulnerabilities, Incident Response, Coordinated Vulnerability Disclosure, and experience with hackathons.
The base salary range is 156,000 USD - 299,000 USD. Your base salary will be determined based on your location, experience, and the pay of employees in similar positions.
You will also be eligible for equity and benefits. NVIDIA accepts applications on an ongoing basis.
NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.