Nvidia Secure Development Platform Engineer 

United States, Texas 

830353175

Design and build agent-based security tooling to monitor and evaluate secure development practices across SDLC workflows.

Develop backend services that ingest data from version control, CI/CD pipelines, SBOMs generation platforms, and container registries to surface security and compliance risks.

Find risks in security, legal, and SDLC areas and direct to collaborators for timely resolution.

Build and maintain OSS security automation pipelines that enable early detection and resolution of known vulnerabilities (e.g., CVEs).

Integrate with internal platforms for secret scanning, vulnerability analysis, and policy enforcement to deliver real-time contextual feedback to developers.

Improve the precision of alerts and reduce noise through context-aware signal processing and risk-based prioritization; build clear, actionable checklists that help assess release readiness based on the release’s context and risk profile.

Partner with DevSecOps, Legal, and Engineering teams to align OSS governance and enforce NVIDIA’s security guardrails.

Contribute to the development of metrics, dashboards, and reports to drive adoption and track improvements in SDLC security posture.

Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent experience).

3+ years of experience in software engineering or platform security, ideally supporting developer productivity or automation tooling.

Proficiency in Python and/or Go to build backend services and platform agents.

Familiarity with GitHub, GitLab, or Jenkins-based CI/CD environments and secure coding practices.

Experience building or integrating secret scanning, OSS vulnerability scanning (e.g., SCA tools), and code quality tooling.

Understanding of container security fundamentals and cloud-native architectures (Docker, Kubernetes, AWS).

Ability to synthesize software risks into actionable remediations for developers and product teams.

Strong written and verbal communication skills for collaborating with collaborators across engineering, security, and compliance.

Experience building security agents, linters, or static/dynamic analysis tools embedded into the SDLC.

Familiarity with AI-assisted development tools or integrating LLMs into secure code review workflows.

Hands-on experience with open source security automation platforms (e.g., OSV-Scanner, Trivy, Grype, or Semgrep).

Experience managing OSS dependency policies, license risk exceptions, or policy-as-code implementations.

Experience contributing to SDLC or security automation frameworks at scale in a high-growth environment.