Security Development Engineer

The NVIDIA Product Security Team is seeking a hands-on Security Engineer to join the Secure Development Platform team and help deliver scalable solutions that secure NVIDIA’s software development lifecycle (SDLC) and  and help build foundational systems that identify and manage regulated software releases — including those requiring FedRAMP, DoD ILx, or other compliance certifications. We’re looking for someone who can promote a “secure-by-default” culture and partner with engineering teams to integrate security insights and automation into every stage of the SDLC. This role is ideal for someone passionate about bridging the gap between policy and engineering through intelligent automation, enabling NVIDIA to meet stringent regulatory requirements while maintaining development velocity. You’ll help define how regulated release types are detected, how evidence is continuously generated and evaluated, and how teams can track their certification status using real-time signals.

What You’ll Be Doing:

• Develop backend services and data pipelines to identify software releases subject to FedRAMP and other regulatory requirements.

• Build platform features that automate evidence generation based on release context, policy coverage, and operational controls.

• Implement policy-as-code frameworks to evaluate compliance against FedRAMP baselines and track residual risks and mitigations.

• Present release readiness checklists for Security Owners, enabling them to assess gaps and work toward regulated release approval.

• Enable release teams to self-attest readiness for regulated environments via structured checklists, metadata tagging, and SDLC signal ingestion.

• Integrate with platforms across security scanning, logging, and access control to collect relevant compliance evidence.

• Help maintain NVIDIA’s FedRAMP-compliant security programs — including improving scanner coverage, implementing real-time dashboards, automating key processes, and ensuring on-time certification renewals.

• Create tools and APIs that display certification progress, identify gaps, and assist both internal customers and security experts and auditors.

What We Need to See:

• Bachelor’s degree in Computer Science, Information Security, or equivalent experience.

• 3+ years experience in software development, platform engineering, or security automation roles.

• Strong backend engineering skills in Python, Go, or similar languages.

• Familiarity with FedRAMP, NIST, or other U.S. regulatory frameworks.

• Experience designing and integrating RESTful APIs and working with containerized, cloud-native environments.

• Understanding of secure SDLC practices and the role of artifacts (e.g., SBOMs, logs, test evidence) in regulated certifications.

• Knowledge of policy-as-code tools and frameworks (e.g., Open Policy Agent) is a plus.

• Familiarity with SBOM standards, especially CycloneDX specification.

• Strong collaboration and interpersonal skills across security, compliance, and engineering teams.

• Passion for building automated, developer-friendly compliance platforms.

Ways to Stand Out From the Crowd:

• Experience working on or supporting FedRAMP certification processes for NVIDIA releases

• Prior work in mapping infrastructure and security controls to regulatory control baselines.

NVIDIA is widely considered to be one of the technology world’s most desirable employers. This role gives you an outstanding opportunity to build the foundational compliance infrastructure for one of the most innovative companies in the world. Would you thrive at the intersection of security, policy, and engineering automation, and want to make compliance intelligent and invisible? We’d love to talk to you!

Your base salary will be determined based on your location, experience, and the pay of employees in similar positions. The base salary range is 120,000 USD - 189,750 USD for Level 2, and 148,000 USD - 235,750 USD for Level 3.Applications for this job will be accepted at least until August 22, 2025.

NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.