Senior Security Engineer – Cloud Services
NVIDIA - California
Employment Type : Full-Time
To meet the needs of NVIDIA’s growing cloud product portfolio, NVIDIA formed Unified Cloud Services (UCS). UCS defines a set of service building blocks (Identity, Authentication, Authorization, Data Platform, Billing, and Security services) that will serve as the foundation for the delivery of existing and future NVIDIA utility services.
We are looking for a hardworking and innovative security engineer with a focus on infusing security methodologies into the architecture and development of next-generation UCS cloud services. As a member of the UCS team, you will contribute to architecting security features in large and sophisticated heterogeneous cloud systems. The person joining UCS in this position will work across teams to lead the effort to define security requirements for each UCS service, including implementation of security controls to assess compliance, remediations to respond to non-compliant events, and mappings to industry standards and regulatory frameworks.
Successful candidates for this role will have extensive experience with cloud technologies and will support security requirements development; implementation oversight and validation of cloud security across all UCS service deployment models (i.e., PaaS and SaaS). The UCS Security Engineer will help architect, deploy, and operate secure UCS platform and software services with the ability to define, communicate, and implement security architecture and administrative processes for UCS services.
What you will be doing:- Developing security requirements for UCS deployments based on industry standards and tailoring requirements to published standards and policies (e.g., SOC, PCI, GDPR, etc.)
- Review UCS architecture and advise development teams on strong security design principles and identification of issues prior to systems or features deployed
- Develop UCS security solutions to meet incident response and participate in security incident response process as the UCS security domain specialist
- Partner with DevOps and SRE teams to consult on secure UCS development practices and build UCS security automation into pipelines
- Collaborate between multiple business units and development groups to ensure robust, secure service posture from design to implementation in multiple products and online services.
- Recommend and craft standard methodologies for secure service development.
What we need to see:- BS in Computer Science, information systems, computer engineering, or 7+ years of equivalent experience
- 5+ years of experience in identifying security standard methodologies or technical compliance requirements
- 2+ years of experience with Amazon Web Services (AWS) or Microsoft Azure, or Google Cloud Platform
- 2+ years of scripting or programming experience in Python, Java, Ruby, GoLang, or other languages
- 2+ years of experience in one or more of the following areas: cryptography and data protection, web and network protocols, data structures and algorithms, identity and access management, incident response, software development, threat modeling, pen tests, or vulnerability assessments
- Applied knowledge in online service security, threat models, and mitigation techniques
- Practical security architectures for cloud-based services and environments
Ways to stand out from the crowd:- Have experience with compliance frameworks such as NIST 800-53, ISO 27001, SOC 2, or other comparable frameworks
- Have experience in the development of security products or DevSecOps infrastructure
- Demonstrate delivery of sophisticated projects in previous roles
- Experience with container-based virtualization (e.g. Docker) and container orchestration (e.g. Kubernetes)
- Proficient in automation and deploying CI and CD tools and services (e.g., Jenkins Pipeline as Code, Git, Maven)
- Knowledge of software engineering standard methodologies for the full software development process, including coding standards, code reviews, source control management, build process, testing, and operations
NVIDIA is widely considered to be one of the technology world’s most desirable employers. We have some of the most forward-thinking and hardworking people on the planet working for us. If you're creative and autonomous, we want to hear from you!
NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression , sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.