Senior Security Engineer - Product Security Operations
US, CA, Santa Clara
NVIDIA
NVIDIA erfindet den Grafikprozessor und fördert Fortschritte in den Bereichen KI, HPC, Gaming, kreatives Design, autonome Fahrzeuge und Robotik.We're looking for a driven, teamwork focused Sr. Security Engineer to help lead our Product Security Operations Center(SOC) team and partner with us to improve NVIDIA’s Cloud Security and Cyber Defense capability.
Do you have validated experience with leading critical initiatives? Do you revel in the challenge of driving the resolution of complex security problems? Showcase your cyber security expertise and passion for innovation to lead and mature our security operations center. You'll assist us in identifying security risks, evolving workflows and processes, while further improving our ability to detect malicious activity. Please come join us!
What you'll be doing:
Reviewing alerts from internal Security Information and Event Management (SIEM) tools requiring log correlation, log analysis, identifying malicious behavior, vetting of False Positives, remediating system misconfigurations and tracking system state changes.
Providing first level response for security events including but not limited to intrusion detection, malicious use of cloud resources, denial of service incidents, privileged account misuse and network breaches
Collaborate across product with sophisticated threat response teams, taking on role of incident commander.
Building automated vulnerability scans and review vulnerability assessment reports
Leading the collection of assets data (configuration settings, running processes, network connections, etc.) for further investigation
Developing new data dashboards and metrics that detail threats to the security posture.
Exploring ways to identify stealthy threats and devise containment processes
Building and maintaining security incident response playbooks and apply them for remediation and recovery efforts
What you should have:
Bachelor's degree (or equivalent experience) in Computer Science, Information Security or a related field
10+ years of hands-on experience in SOC or Security Incident response teams
Outstanding organizational and collaborative focus
Ability to lead in challenging scenarios
Experience with public cloud providers like AWS, GCP and Azure along with their security standard and methodologies is required
Experience with cloud, IaaS, PaaS, ‘network-as-a-service’ environment.
Shown Splunk skills (detection creation, queries and dashboard development)
Demonstrated background in security products (Tenable Nessus, Nexpose) and technologies (Public Key Infrastructure (PKI) systems, authentication and authorization mechanisms, encryption of data in transit and data at rest), modern logging technologies (Splunk and Kibana), security engineering, networking protocols (TCP/UDP), security analysis, network and endpoint forensics
Programming experience in Python, shell scripting to automate and integrate with security tools
Focus on collaboration with excellent verbal and written skills to build effective documentation and streamlined incident reports and RCCA artifacts
Ways to stand out from the crowd:
Validated knowledge and technical savvy with Cloud security controls (security groups, Cloud Trail logs, IAM, EC2, S3, Kubernetes best security practices. etc.)
Understanding of industry compliance standards relevant to Software as a Service and Cloud Computing, such as ISO27001, SOC2, NIST, HIPPA and PCI-DSS
Familiarity with common DevOps technologies such as Ansible, Dockers, Terraform, Kubernetes along with strong Linux fundamentals is a plus
One or more security certifications (CISSP, SSCP, CSSP, GISP, Security+, etc.)
Previous experience in tacking security challenges in a Hybrid cloud environment (workloads spread across on-premise data center and public cloud such as AWS)
You will also be eligible for equity and benefits. NVIDIA accepts applications on an ongoing basis.
NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.Tags: Ansible AWS Azure CISSP Cloud Compliance Computer Science Cyber defense DevOps EC2 Encryption Forensics GCP IaaS IAM Incident response Intrusion detection ISO 27001 Kubernetes Linux Log analysis Nessus NIST PaaS PKI Product security Python S3 Scripting Security analysis SIEM SOC SOC 2 Splunk SSCP Terraform Vulnerability scans
Perks/benefits: Equity / stock options Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Product Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Specialist jobs
- Open Cyber Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Consultant jobs
- Open Cybersecurity Editor jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Operations Analyst jobs
- Open Information Security Architect jobs
- Open Security Consultant jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open CISM-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Threat intelligence-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open Java-related jobs
- Open DoD-related jobs
- Open APIs-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open Splunk-related jobs