Job Information
Nvidia Offensive Security Researcher in Santa Clara, California
NVIDIA is looking for security researchers passionate about offensive research across different platforms. Do you have experience with identifying hardware and software vulnerabilities, developing PoC, and tools for automation in vulnerability research? Are you creative and devious in your offensive approach? We want to hear from you!
You should demonstrate ability to excel in an environment with innovative and fast paced development on the worlds most powerful integrated software and hardware computing platform.
What you’ll be doing:
Core job duties will identify vulnerabilities in our embedded firmware and critical system software, building proof of concepts, and collaborating with development teams to remediate them.
Candidates will invest in improving current tools and offensive practices for bug discovery and evaluation while supporting remediation efforts. We expect team members to exercise modern tools for modeling new attack vectors on unreleased and emerging technology platforms.
The most impactful candidates can simulate real attacker behaviors, break systems by exploiting design assumption and effectively communicate their findings for action. Focus will be to increase resilience of the end products against all forms of attack through close collaboration with extended SW and HW offensive security teams.
Products targets span HPC data centers, consumer electronics, autonomous platforms, AI/cloud solutions, and a variety of embedded/IOT platforms providing a rich and complex target space to exercise your skills.
What we need to see:
We'd like to see proven experience and offensive security research (CVE’s, publications, patents, tools) with responsible disclosure practices.
Strong skills in reverse engineering and automation (IDA, Ghidra), fuzzing (AFL, WinAFL, Syzcaller) and exploitation (ROP, memory corruption) are important to success; as well as understanding of modern embedded cryptography and common security issues.
Experience with ARM/X86/RISCV assembly (include shellcode development) and low-level C programming paired with understanding and experience with micro-architectural attacks (side channels, fault injection, etc) is critical.
Demonstrated skill for secure code reviews of complex source projects, and exposure to code quality practices (SDL, threat modeling) that support development goals.
Candidates should be comfortable working collaboratively and remotely with others to accomplish complex team goals, enabling delivery of outstanding security for our products.
BS/BA degree or equivalent experience
8+ years in a security related field
Ways to stand out from the crowd:
Navigating complex platform concerns and ability to analyze composed systems to identify high risk components and established testing targets and objectives.
Practical skills using Hex-Rays IDA Pro and plugin/loaders development (or similar experience with Ghidra) is valuable as well as experience with enclave models such as ARM TEE, Intel SGX/TDX, AMD SEV-SNP and other isolation technologies.
Development and integration of AI tooling and skills to accelerate and improve activities and or experience with offensive actions targeting AI models (LLM or other) components within those platforms.
Experience using any of the common binary instrumentation frameworks and/or working with LLVM IR and Clang plugins, or fuzzing to aid at scale analysis.
NVIDIA has continuously reinvented itself over two decades. Our invention of the GPU in 1999 fueled the growth of the PC gaming market, redefined modern computer graphics, and revolutionized parallel computing. More recently, GPU deep learning ignited modern AI — the next era of computing. NVIDIA is a “learning machine” that constantly evolves by adapting to new opportunities that are hard to solve, that only we can pursue, and that matter to the world. This is our life’s work, to amplify creativity and intelligence. Make the choice to join us today!
The base salary range is 220,000 USD - 419,750 USD. Your base salary will be determined based on your location, experience, and the pay of employees in similar positions.
You will also be eligible for equity and benefits (https://www.nvidia.com/en-us/benefits/) . NVIDIA accepts applications on an ongoing basis.
NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.
NVIDIA is a Learning Machine
NVIDIA pioneered accelerated computing to tackle challenges no one else can solve. Our work in AI and the metaverse is transforming the world's largest industries and profoundly impacting society.
Learn more about NVIDIA .