Chief Information Security Officer jobs
Nvidia Senior Technical Program Manager DGX Cloud Security United States, California
Share
- US, CA, Santa Clara
- time type
- Full time
- posted on
- Posted 4 Days Ago
- job requisition id
NVIDIA is seeking a Senior Technical Program Manager to lead the Infrastructure and Product Security and Compliance program for DGX Cloud. In this role, you will ensure our platforms and partner ecosystem meet the highest standards of trust, resilience, and governance.
As a Senior TPM focused on Cloud Security, you will own the design and execution of a DGXC-wide infrastructure security program that strengthens how DGXC operates with Cloud Service Providers (CSPs) and NVIDIA Cloud Partners (NCPs). You will drive security initiatives by embedding compliance controls, governance frameworks, and best practices across infrastructure, platform, and product teams. This role also ensures Product Security is integrated into product roadmap planning and the software development lifecycle, aligning product and infrastructure priorities. You will work closely with senior leaders and cross-functional teams in Security, Compliance, DevOps, and Engineering to continuously enhance and scale the DGX Cloud Security Posture.
What You’ll Be Doing:
Lead alignment across engineering, product, security, and partner teams to deliver against cloud security guidelines with CSP and NCP partners.
Drive programs that strengthen vulnerability management, access control, patching, and compliance readiness for SOC 2, ISO 27001, and related certifications.
Operate DGXC-wide security engineering forums and processes, establishing security KPIs, dashboards, and “run safe” SRE practices.
Partner with the CISO organization to define and assess emerging cloud providers against DGX Cloud security requirements, driving measurable improvements and action plans.
Implement and evolve security controls frameworks (e.g., SSH hardening, IAM, secret rotation) in CI/CD pipelines to ensure continuous compliance.
Lead certification readiness and audit cycles, including SOC 2 Type 1 & 2 and ISO 27001, from control mapping through evidence collection and remediation.
Chair the DGX Cloud Security & Compliance Working Group, managing governance reviews, risk dashboards, and executive reporting on posture and metrics.
Develop training programs to build security and compliance awareness across Product, DevOps, and Engineering teams.
Create playbooks and automation frameworks that streamline certification renewals, patching cycles, and vulnerability management workflows.
Maintain and continuously improve technical compliance documentation, including system diagrams, process flows, and control mappings.
What We Need to See:
12+ years of Program Management experience driving the planning and execution of large programs, software engineering projects in a fast paced environment.
Consistent track record delivering successful Security, Risk, and/or Compliance programs, particularly in cloud IaaS and SaaS environments, resulting in full certification of a suite of products and services.
Experience leading efforts related to SOC2 (Type 1 and Type 2) audits and readiness, including leading control implementation (e.g., access controls, change management, vulnerability management).
Experience operationalizing vulnerability management, patch management, SSH key governance, and access controls across distributed systems.
Ability to think strategically and tactically and to build consensus in making programs successful; ability to resolve technical issues and resource constraints across cross-functional teams.
Demonstrated ability to define metrics, dashboards, and risk indicators that measure posture improvement and audit readiness.
Proficiency with tools like JIRA, to comfortably guide engineering teams on execution in an Agile/scrum manner and ensure accurate governance artifacts are delivered.
Excellent executive communication and presentation skills able to distill complex technical and compliance topics for senior leadership
MS EE or CS degree, or equivalent experience.
Ways to Stand Out from the Crowd:
Highly motivated with strong interpersonal skills, with proven track record to work successfully with multi-functional teams and coordinate effectively across organizational boundaries and geographies.
Experience implementing security features in a multi-cloud environment.
Experience with sophisticated compliance programs, such as FedRamp, SCO2, or ISO certification efforts.
Solid understanding of tier 1 cloud technologies (AWS, GCP, Azure, OCI).
Experience with productivity tools and process automation.
You will also be eligible for equity and .
These jobs might be a good fit
Unity Senior Infrastructure Security Engineer United States, Oregon
Share
- Perform the security design reviews and conduct risk assessments for production instances
- Use threat modeling to improve identification of cybersecurity threats, prioritize them, and perform effective risk mitigation
- Perform the Projects / Products information security assessment and support infrastructure security Project efforts
- Deploy cloud security guardrails and configurations in Kubernetes, Microservices, AWS, GCP, and Azure environments
- Establish and implement security standards, policies, and best practices for Unity systems, ensuring secure configurations are deployed, maintained, and continuously improved
- Proven record of mentoring teams and building a security process
- Through knowledge of Cloud computing environments such as GCP, AWS, Azure with knowledge for architectural reviews and experience with micro-services technologies such as Containers, Kubernetes, Hashicorp Vault
- Experienced in at least one scripting language (e.g., Python, Bash) for automations and security tool development
- Experience with Infrastructure as Code (IaC) tools, particularly Terraform
- Knowledge of security features and controls AuthN, AuthZ, PKI, Session Management, Logging
- Deep Understanding of network security fundamentals; the TCP/IP stack, Linux/Mac/Windows operating systems, DNS, Firewall, VPN, Email
- Knowledge of the NIST framework, PCI-DSS is preferred.
- Strong understanding of incident response processes and forensic analysis in a cloud environment
- AI Security for protecting LLM, AI workloads, Agentic AI etc.
- Experience with advanced threat detection techniques
- Comfortable with ambiguity and bringing clarity to situations
- Strong critical thinking and interpersonal skills with the ability to communicate technical issues to a non-technical audience
- Passion for expanding your knowledge and a desire to grow beyond your current skill set
- Relocation support is not available for this position.
- Work visa/immigration sponsorship is not available for this position
This position requires the incumbent to have a sufficient knowledge of English to have professional verbal and written exchanges in this language since the performance of the duties related to this position requires frequent and regular communication with colleagues and partners located worldwide and whose common language is English.
Gross pay salary$134,100—$201,100 USDUnity Physical Security Lead Americas United States, Oregon
Share
Together with the team, you will develop and implement company-wide physical security policies, programs, and processes for the Unity offices in the AMER/APAC region. You will deliver security plans for high-profile global events; manage the Security of all travellers visiting your area of responsibility; and manage a range of day-to-day support activities, as well as any physical security incidents that occur in your region.
What you'll be doing- Lead, assess, and apply existing or emerging physical security regulations, policies, and industry practices.
- Perform annual security vulnerability and risk assessments, and handle physical security incident investigations.
- Assist with the safety and security of company-sponsored conferences/events.
- Provide physical security service, solutions, programs, standard methodologies, and technical mentorship to business management and support functions within Unity.
- Collect, measure, and analyze regional and site physical security metrics to discover trends for continuous quality improvement or corrective measures.
- Experience in any of the following roles: Physical security, business continuity, crisis management, emergency response, incident management, operations, risk or health and safety.
- Experience leading or implementing physical security programs, processes, policies, operations, or related functions.
- Proven strong interpersonal and customer service skills, attention to detail, and problem-solving methodology.
- Ability to work irregular hours and/or to be “on-call” as-needed in support of 24/7 evolving risk events that could negatively impact our business operations.
- The ability to travel up to 40% of the time, regionally—visit our offices in fantastic cities!
- Knowledge of access control systems and process, guard force management, reporting security metrics, security audits and incident reporting.
- Experience in the tech sector with comfort learning new software systems.
- Relocation support is not available for this position
- Work visa/immigration sponsorship is not available for this position
This position requires the incumbent to have a sufficient knowledge of English to have professional verbal and written exchanges in this language since the performance of the duties related to this position requires frequent and regular communication with colleagues and partners located worldwide and whose common language is English.
Gross pay salary$116,000—$196,700 USDF5 Principal Enterprise Security Engineer United States, Washington, Seattle
Share
Reports To:VP of Infrastructure and Security
Infrastructure and Security
Enterprise Security Engineerto design, implement, and manage enterprise-wide security solutions.shape our security strategy across endpoint protection, network, SaaS, IAM, and observabilitywhile aligning to NIST and CIS standards. This role reports to the
Key Responsibilities
Security Architecture & Governance
Architect enterprise security solutions across endpoints (EDR/XDR), networks, SaaS, andidentity/infrastructure.
Ensure compliance withNIST SP 800-53, CIS benchmarks, and FedRAMP (Low/Moderate/High) standards.
Design for DoD Impact Levels IL‑4 and IL‑5 environments, integrating enhanced controls beyond FedRAMP High
IAM & Access Management
Implement and manage IAM frameworks: RBAC, MFA, SAML, OAuth, SCIM.
Regularly review andoptimizeprivilege configurations.
Endpoint & Network Security
Deploy and manage endpoint security tools (e.g., CrowdStrike,SentinelOne).
Define network security strategies including firewalls (e.g., Palo Alto), micro-segmentation, VPNs.
andmaintaindevice health assessmentsand dashboardsleveragingdevicetelemetryfromenterprise security tooling.
Configure andmaintainData Loss Prevention (DLP) tooling & policies
Support securitydeployments and configurations across multiple operating systems-Windows 10/11, macOS, Window Server, RHEL,Oracle, CentOS
Experience with Security Service Edge and Software-DefinedPerimeter enablesZTNA solutions such asNetSCOPE, Zscaler, and PAN
SaaS Security & Cloud Compliance
Secure SaaS applications using SSPM tools and integrate them into governance frameworks.
Maintain compliance evidence for FedRAMP/DoD IL audits and ATO packages
Incident Response & Threat Intelligence
Lead incident response efforts: detection, triage, investigation, mitigation, and post-mortems.
Coordinate with threat intel teams to feed strategic threat insights into detection logic and tools.
Vulnerability Management & Observability
Own vulnerability scanning, CVE tracking, patch-rollout, and POA&M development.
Build and tune observability systems (SIEM, EDR, logging, telemetry) to support security posture.
Automation & Scripting
Automate security workflows using Python, PowerShell, Bash, or similar languages.
Integrate automation into tooling forreporting,incident response, compliance, detection, and remediation.
Collaboration & Communication
with the CISO and staff to align security initiatives with organizational strategy.
Communicate technical concepts clearly to leadership, compliance, legal, and engineering teams.
Develop and deliver security training and awareness for teams across the enterprise.
Qualifications & Experience
Bachelor’s degree in cybersecurity, computer science, engineering—or equivalent years of corporate security/SOC experience.
7+ years in enterprise or cloud security with hands-on background in IAM,endpoint/network/SaaSsecurity, incident management, vulnerability management, and log analytics.
Compliance Know-How:
Solid understanding of FedRAMP security controls and audit frameworks.
Experience with DoD IL‑4/IL‑5 programs—understand added encryption, personnel restrictions, and control overlaysTechnical Skills:
with tools like CrowdStrike, Palo Alto, F5, Splunk/ELK, and IAM platforms (Okta,Entra ID, etc.).
Strong scripting/automation using Python, PowerShell, Bash, etc.
Security Frameworks:NIST SP 800-53/171, CIS Benchmarks, FedRAMP, DoD CC SRG.
Soft Skills:Strong verbal and written communication; ability to convey complex topics to executives; experience working with stakeholders across multiple time zones.
BigIP
Personality Traits:
The Job Description is intended to be a general representation of the responsibilities and requirements of the job. However, the description may not be all-inclusive, and responsibilities and requirements are subject to change.
The annual base pay for this position is: $152,000.00 - $228,000.00Applied Materials Physical Security Project Manager United States, Texas, Austin
Share
Project Management
Develop and maintain detailed project schedules and timelines.
Track project progress, identify potential risks and issues, and mitigate them.
Coordinate with cross-functional teams to ensure seamless project execution.
Manage project budgets and resources effectively to implement solutions
Ability to deliver high quality solutions managing scope, on time, within budget and high customer satisfaction.
Gain expertise and guide teams to follow management processes
Demonstrates sound judgment and effective time management
Demonstrated analytical and critical thinking skills
Technical Expertise
Possess a strong understanding of physical security systems, including access control, video management, intrusion detection, and fire alarm systems.
Prepare, review and approve design packages, ensuring adherence to industry standards and business requirements.
Coordinate with design teams to develop accurate and detailed design documentation.
Oversee the selection and procurement of appropriate equipment and materials.
Implement quality control measures to ensure project deliverables meet high standards.
Conduct regular quality assurance reviews and audits.
Identify and address quality issues promptly.
Relationship Management
Build, collaborate, and maintain strong relationships with business stakeholders (IT, Legal, Finance, Facilities, HR etc.)
Set and manage expectations with vendors.
Communicate effectively with business to understand their needs and expectations.
Proactively address business concerns and resolve issues.
Required Skills
8+ years of experience managing physical security projects.
Certifications in Project Management
Strong technical knowledge of physical security systems (C-Cure, Access Control, identity management, video management, intrusion detection systems).
Proficiency in project management tools and software (e.g., Jira, SmartSheets, CAD, BlueBeam etc).
Knowledge of construction and facility management processes.
Excellent communication and interpersonal skills.
Ability to manage multiple projects simultaneously.
Strong problem-solving and decision-making skills
Ebay Software Engineer Network Security United States, Texas, Austin
Share
We are seeking a software-minded engineer with strong development skills who can build reliable tools and services that interact with our network and security platforms. The role emphasizes designing, implementing, and maintaining automation that improves day‑to‑day operations, developer experience, and system reliability. The ideal candidate is fluent in Python, comfortable with Git, testing, and CI/CD, and brings a solid grasp of networking concepts. Experience with firewalls or security tooling is welcome but not required—you will have opportunities to learn these systems while contributing meaningful engineering work.
ResponsibilitiesLead engineering projects to enhance firewall management and network security systems
Build and maintain lab environments for testing automation and operations tools
Develop Python plugins and scripts for security operations automation
Conduct thorough code reviews, testing, and quality assurance for security tools
Participate in on-call rotation to troubleshoot network and security incidents
Support application migration from traditional hosting to Kubernetes environments
Lead structured projects through all phases from requirements to deployment
Develop and enhance vulnerability management processes for network devices
Strong software development skills in Python or Go, with an emphasis on writing clean, maintainable, and well-tested code
Experience building automation tools and services such as CLIs, APIs, or event-driven jobs
Proficiency with Git-based workflows, code reviews, and test automation
Hands-on familiarity with Docker and basic Kubernetes concepts for local development and deployments
Working knowledge of CI/CD pipelines and packaging, release, and deployment best practices
Solid understanding of core networking fundamentals such as TCP/IP, routing, subnets, DNS, and HTTP
Comfortable working in Linux environments and troubleshooting systems issues
Experience integrating with network or firewall device APIs is a plus
Strong communication and collaboration skills with the ability to lead projects end to end
Software engineering experience building tools, services, or integrations
Demonstrated work with networking concepts and protocols applied in real systems
Experience automating infrastructure or operations workflows and integrating with device or vendor APIs
Hands-on experience with containers and orchestration (Docker, basic Kubernetes)
Practical CI/CD experience, including testing, release, and deployment automation
Exposure to firewalls or network security platforms is a plus, not a requirement
Experience leading technical projects end to end in a collaborative environment
This position is ideal for engineers eager to apply their development skills to real-world networking and security challenges, while growing into advanced areas of automation and network security design.
This role includes an on-call rotation component, where the engineer will be responsible for one week of on-call duty approximately once per month.
The base pay range for this position is expected in the range below:
$115,200 - $199,700Unity Infrastructure Security Engineer United States, Texas, Austin
Share
- Perform security design reviews and conduct risk assessments for critical systems and engineering changes.
- Use threat modeling to identify, prioritize, and perform effective risk mitigation of cybersecurity threats. Develop security standards and policies to drive continuous improvement.
- Ensure infrastructure security standards are implemented and enforced throughout the organization.
- Deploy, maintain, and drive the secure system configuration according to standards and best practices and enforced throughout the organization.
- Bachelor’s degree, or foreign equivalent degree, in Computer Engineering, Electronic Engineering, Computer Science, or a related field and four (4) years of related work experience.
- Must have four (4) years of experience with/in:
- Working with cross-functional teams to build secure infrastructure using NIST controls and security framework;
- Applying knowledge of cloud computing environments, including GCP, AWS, and Azure, to enforce security policies, automate security monitoring, and assess infrastructure configurations;
- Using at least one of the following microservice technologies, Containers, Kubernetes or Hashicorp Vault, to conduct architectural reviews focusing on access and secrets management, workload isolation, and runtime security;
- Managing security features and controls using AuthN, AuthZ, PKI, Session Management, and Logging;
- Automating routine security tasks using Bash, Python, and DevOps Terraform/Ansible;
- Working with a variety of technologies, including TCP/IP Stack, Linus/Mac/Windows operating systems, DNS, Firewall, VPN, and email to protect systems and networks from security threats and maintain infrastructure integrity.
- International relocation support is not available for this position.
- Work visa/immigration sponsorship is not available for this position.
- Hours/week, Mon-Fri, 8:30 a.m. - 5:30 p.m. Salary range.
- Telecommuting permitted on a hybrid schedule as determined by the employer.
This position requires the incumbent to have a sufficient knowledge of English to have professional verbal and written exchanges in this language since the performance of the duties related to this position requires frequent and regular communication with colleagues and partners located worldwide and whose common language is English.
Gross pay salary$165,000—$165,000 USDShare
- US, CA, Santa Clara
- time type
- Full time
- posted on
- Posted 4 Days Ago
- job requisition id
NVIDIA is seeking a Senior Technical Program Manager to lead the Infrastructure and Product Security and Compliance program for DGX Cloud. In this role, you will ensure our platforms and partner ecosystem meet the highest standards of trust, resilience, and governance.
As a Senior TPM focused on Cloud Security, you will own the design and execution of a DGXC-wide infrastructure security program that strengthens how DGXC operates with Cloud Service Providers (CSPs) and NVIDIA Cloud Partners (NCPs). You will drive security initiatives by embedding compliance controls, governance frameworks, and best practices across infrastructure, platform, and product teams. This role also ensures Product Security is integrated into product roadmap planning and the software development lifecycle, aligning product and infrastructure priorities. You will work closely with senior leaders and cross-functional teams in Security, Compliance, DevOps, and Engineering to continuously enhance and scale the DGX Cloud Security Posture.
What You’ll Be Doing:
Lead alignment across engineering, product, security, and partner teams to deliver against cloud security guidelines with CSP and NCP partners.
Drive programs that strengthen vulnerability management, access control, patching, and compliance readiness for SOC 2, ISO 27001, and related certifications.
Operate DGXC-wide security engineering forums and processes, establishing security KPIs, dashboards, and “run safe” SRE practices.
Partner with the CISO organization to define and assess emerging cloud providers against DGX Cloud security requirements, driving measurable improvements and action plans.
Implement and evolve security controls frameworks (e.g., SSH hardening, IAM, secret rotation) in CI/CD pipelines to ensure continuous compliance.
Lead certification readiness and audit cycles, including SOC 2 Type 1 & 2 and ISO 27001, from control mapping through evidence collection and remediation.
Chair the DGX Cloud Security & Compliance Working Group, managing governance reviews, risk dashboards, and executive reporting on posture and metrics.
Develop training programs to build security and compliance awareness across Product, DevOps, and Engineering teams.
Create playbooks and automation frameworks that streamline certification renewals, patching cycles, and vulnerability management workflows.
Maintain and continuously improve technical compliance documentation, including system diagrams, process flows, and control mappings.
What We Need to See:
12+ years of Program Management experience driving the planning and execution of large programs, software engineering projects in a fast paced environment.
Consistent track record delivering successful Security, Risk, and/or Compliance programs, particularly in cloud IaaS and SaaS environments, resulting in full certification of a suite of products and services.
Experience leading efforts related to SOC2 (Type 1 and Type 2) audits and readiness, including leading control implementation (e.g., access controls, change management, vulnerability management).
Experience operationalizing vulnerability management, patch management, SSH key governance, and access controls across distributed systems.
Ability to think strategically and tactically and to build consensus in making programs successful; ability to resolve technical issues and resource constraints across cross-functional teams.
Demonstrated ability to define metrics, dashboards, and risk indicators that measure posture improvement and audit readiness.
Proficiency with tools like JIRA, to comfortably guide engineering teams on execution in an Agile/scrum manner and ensure accurate governance artifacts are delivered.
Excellent executive communication and presentation skills able to distill complex technical and compliance topics for senior leadership
MS EE or CS degree, or equivalent experience.
Ways to Stand Out from the Crowd:
Highly motivated with strong interpersonal skills, with proven track record to work successfully with multi-functional teams and coordinate effectively across organizational boundaries and geographies.
Experience implementing security features in a multi-cloud environment.
Experience with sophisticated compliance programs, such as FedRamp, SCO2, or ISO certification efforts.
Solid understanding of tier 1 cloud technologies (AWS, GCP, Azure, OCI).
Experience with productivity tools and process automation.
You will also be eligible for equity and .
These jobs might be a good fit
