Senior Security Engineer - Product Security Operations

We're looking for a driven, teamwork focused Sr. Security Engineer to help lead our Product Security Operations Center(SOC) team and partner with us to improve NVIDIA’s Cloud Security and Cyber Defense capability.

Do you have validated experience with leading critical initiatives? Do you revel in the challenge of driving the resolution of complex security problems? Showcase your cyber security expertise and passion for innovation to lead and mature our security operations center. You'll assist us in identifying security risks, evolving workflows and processes, while further improving our ability to detect malicious activity. Please come join us!

What you'll be doing:

• Reviewing alerts from internal Security Information and Event Management (SIEM) tools requiring log correlation, log analysis, identifying malicious behavior, vetting of False Positives, remediating system misconfigurations and tracking system state changes.

• Providing first level response for security events including but not limited to intrusion detection, malicious use of cloud resources, denial of service incidents, privileged account misuse and network breaches

• Collaborate across product with sophisticated threat response teams, taking on role of incident commander.

• Building automated vulnerability scans and review vulnerability assessment reports

• Leading the collection of assets data (configuration settings, running processes, network connections, etc.) for further investigation

• Developing new data dashboards and metrics that detail threats to the security posture.

• Exploring ways to identify stealthy threats and devise containment processes

• Building and maintaining security incident response playbooks and apply them for remediation and recovery efforts

What you should have:

• Bachelor's degree (or equivalent experience) in Computer Science, Information Security or a related field

• 10+ years of hands-on experience in SOC or Security Incident response teams

• Outstanding organizational and collaborative focus

• Ability to lead in challenging scenarios

• Experience with public cloud providers like AWS, GCP and Azure along with their security standard and methodologies is required

• Experience with cloud, IaaS, PaaS, ‘network-as-a-service’ environment.

• Shown Splunk skills (detection creation, queries and dashboard development)

• Demonstrated background in security products (Tenable Nessus, Nexpose) and technologies (Public Key Infrastructure (PKI) systems, authentication and authorization mechanisms, encryption of data in transit and data at rest), modern logging technologies (Splunk and Kibana), security engineering, networking protocols (TCP/UDP), security analysis, network and endpoint forensics

• Programming experience in Python, shell scripting to automate and integrate with security tools

• Focus on collaboration with excellent verbal and written skills to build effective documentation and streamlined incident reports and RCCA artifacts

Ways to stand out from the crowd:

• Validated knowledge and technical savvy with Cloud security controls (security groups, Cloud Trail logs, IAM, EC2, S3, Kubernetes best security practices. etc.)

• Understanding of industry compliance standards relevant to Software as a Service and Cloud Computing, such as ISO27001, SOC2, NIST, HIPPA and PCI-DSS

• Familiarity with common DevOps technologies such as Ansible, Dockers, Terraform, Kubernetes along with strong Linux fundamentals is a plus

• One or more security certifications (CISSP, SSCP, CSSP, GISP, Security+, etc.)

• Previous experience in tacking security challenges in a Hybrid cloud environment (workloads spread across on-premise data center and public cloud such as AWS)

The base salary range is 192,000 USD - 368,000 USD. Your base salary will be determined based on your location, experience, and the pay of employees in similar positions.

You will also be eligible for equity and benefits. NVIDIA accepts applications on an ongoing basis.

NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.