Secure Development Platform Engineer (Finance)

The NVIDIA Product Security Team is seeking a hands-on Security Engineer to join the Secure Development Platform team and help deliver scalable solutions that secure NVIDIA's software development lifecycle (SDLC) and open source software (OSS) usage. We're looking for someone who can promote a "secure-by-default" culture and partner with engineering teams to integrate security insights and automation into every stage of the SDLC.

We are looking for a full stack developer to help build NVIDIA's SDLC Security Agent and OSS Security platform. Your mission will be to develop services and agents that detect insecure coding patterns, track OSS consumption, and drive early remediation workflows across our development ecosystem. You will help embed continuous security across modern DevSecOps practices and ensure release readiness through visibility, automation, and intelligence. If you're passionate about making security scalable, integrated, and developer-friendly - this role is for you!

What You'll Be Doing:

• Design and build agent-based security tooling to monitor and evaluate secure development practices across SDLC workflows.
• Develop backend services that ingest data from version control, CI/CD pipelines, SBOMs generation platforms, and container registries to surface security and compliance risks.
• Find risks in security, legal, and SDLC areas and direct to collaborators for timely resolution.
• Build and maintain OSS security automation pipelines that enable early detection and resolution of known vulnerabilities (e.g., CVEs).
• Integrate with internal platforms for secret scanning, vulnerability analysis, and policy enforcement to deliver real-time contextual feedback to developers.
• Improve the precision of alerts and reduce noise through context-aware signal processing and risk-based prioritization; build clear, actionable checklists that help assess release readiness based on the release's context and risk profile.
• Partner with DevSecOps, Legal, and Engineering teams to align OSS governance and enforce NVIDIA's security guardrails.
• Contribute to the development of metrics, dashboards, and reports to drive adoption and track improvements in SDLC security posture.

What We Need to See:

• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
• 3+ years of experience in software engineering or platform security, ideally supporting developer productivity or automation tooling.
• Proficiency in Python and/or Go to build backend services and platform agents.
• Familiarity with GitHub, GitLab, or Jenkins-based CI/CD environments and secure coding practices.
• Experience building or integrating secret scanning, OSS vulnerability scanning (e.g., SCA tools), and code quality tooling.
• Understanding of container security fundamentals and cloud-native architectures (Docker, Kubernetes, AWS).
• Ability to synthesize software risks into actionable remediations for developers and product teams.
• Strong written and verbal communication skills for collaborating with collaborators across engineering, security, and compliance.

Ways to Stand Out From the Crowd:

• Experience building security agents, linters, or static/dynamic analysis tools embedded into the SDLC.
• Familiarity with AI-assisted development tools or integrating LLMs into secure code review workflows.
• Hands-on experience with open source security automation platforms (e.g., OSV-Scanner, Trivy, Grype, or Semgrep).
• Experience managing OSS dependency policies, license risk exceptions, or policy-as-code implementations.
• Experience contributing to SDLC or security automation frameworks at scale in a high-growth environment.

NVIDIA is widely considered to be one of the technology world's most desirable employers. We have some of the most forward-thinking and hardworking people on the planet working for us. If you're creative, passionate and self-motivated, we want to hear from you!

Your base salary will be determined based on your location, experience, and the pay of employees in similar positions. The base salary range is 120,000 USD - 189,750 USD for Level 2, and 148,000 USD - 235,750 USD for Level 3.

You will also be eligible for equity and benefits .

Applications for this job will be accepted at least until August 19, 2025.

NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.