Technical Program Manager – PSIRT

Posted:
8/16/2024, 3:51:38 PM

Location(s):
North Carolina, United States ⋅ Colorado, United States ⋅ Texas, United States ⋅ California, United States ⋅ Boulder, Colorado, United States ⋅ Austin, Texas, United States ⋅ Durham, North Carolina, United States

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
IT & Security ⋅ Product

Workplace Type:
Remote

NVIDIA’s Product Security Incident Response Team (PSIRT) needs a Technical Program Manager to help us manage vulnerability remediation in NVIDIA’s products, participate in incident response activities, and enable automation. The ideal candidate will improve NVIDIA’s internal software security response procedures, prioritize both public and internal vulnerabilities, and collaborate across teams to handle the end-to-end resolution of issues. Products can include GPUs, automotive components, and embedded devices; expertise in these areas is not required, but flexibility and a broad understanding of device usage and requirements are desirable.

As an NVIDIAN, you’ll be immersed in a diverse, supportive environment in which everyone is inspired to do their life’s work. Come join the team and see how we can work together to make a lasting impact on the world! 

What you’ll be doing: 

  • Work with the PSIRT team to craft, implement, and improve processes and to lead NVIDIA’s vulnerability handling capabilities

  • Develop and enhance PSIRT tools and automation scripts, primarily using Python, to streamline vulnerability handling processes, define feature roadmaps, and create requirements for supporting new or improved processes. 

  • Collaborate with NVIDIA’s Security Tools Team to prioritize requirements and drive completion of essential features. 

  • Manage and resolve reported security vulnerabilities by engaging with researchers, partners, and internal teams, while recommending and implementing improvements to prevent issue recurrence. 

  • Document and maintain process flows and develop continuous improvement strategies for Bug Bounty programs. 

  • Communicate PSIRT involvement and draft security disclosures at all leadership levels, while championing continuous improvement in security activities. 

  • Actively participate in cyber-operations as part of a broader team to shape and strengthen the organization's security culture. 

What we need to see:

  • Ability to scale knowledge quickly with mentorship. 

  • Effective written and verbal communication skills. 

  • Ability to work cross-functionally and remotely with other teams. 

  • BS/BA degree or equivalent experience. 

  • 5+ years of experience. 

  • Proficiency in Python or similar programming languages and experience with the security development lifecycle.

Ways to stand out from the crowd: 

  • Knowledge of containerization tools like Docker and orchestration tools like Kubernetes

  • Understanding of CI/CD pipelines and tools 

  • Project management experience  

  • Experience in a previous PSIRT, security development lifecycle (SDL), or bug bounty management role 

  • Understanding of Software Vulnerabilities, Incident Response, Coordinated Vulnerability Disclosure, and experience with hackathons. 

The base salary range is 128,000 USD - 247,250 USD. Your base salary will be determined based on your location, experience, and the pay of employees in similar positions.

You will also be eligible for equity and benefits. NVIDIA accepts applications on an ongoing basis.

NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.

NVIDIA

Website: https://www.nvidia.com/

Headquarters Location: Santa Clara, California, United States

Employee Count: 10001+

Year Founded: 1993

IPO Status: Public

Last Funding Type: Grant

Industries: Artificial Intelligence (AI) ⋅ GPU ⋅ Hardware ⋅ Software ⋅ Virtual Reality