Offensive Security Researcher at Nvidia Corporation in Santa Clara, California

Job Description:

NVIDIA's Offensive Security Team needs an Offensive Security Researcher to help discover and root out low-level vulnerabilities in the kernel, hypervisor, or firmware layers. The Researcher's main focus is to find attack paths in low level systems and produce proof-of-concept exploits, enabling us to tell meaningful stories as we drive security across our most critical products!

Know anyone interested in finding low level vulnerabilities? If so, they should happily apply to NVIDIA's exciting new research role where we can all benefit from their knowledge and experience.

What you will be doing:

• Plan, scope, and implement partner hackathon operations against mostly server systems
  
  


• Scout the threat landscape of low-level microcode, pursuing opportunities when discovered to build our exploit equity
  
  


• Partner with other NVIDIA Offensive Security Researchers to take on our hardest problems over time: this race is a marathon and not a sprint
  
  


• Build new adversary tools, techniques, or methodologies for lower level systems, accommodating partner teams with reasonable expectations and timeframes
  
  

What we need to see:

• 8+ years demonstrated ability as a kernel exploit developer or applied security researcher for a company, organization, or both: security boundaries fall before the skills of the researcher
  
  


• Track record of published or unpublished CVEs, bug discovery, or proof-of-concept creation for the lower level tech stack without mitigations removed (disabled AMSI is not the way)
  
  


• Growth Mindset. NVIDIA has hard problems to solve, and we are excited for opportunities to discover new attacks every day
  
  


• Helpful demeanor, as we are trusted adversaries and that trust needs to remain strong
  
  


• Bachelor's degree (or equivalent experience) in Computer Science, Information Security or a related field
  
  

Ways to stand out from the crowd:

• Published CVEs against the hypervisor, kernel, or low-level microcode: race conditions are a bonus!
  
  


• Practiced methodology for developing syscalls and jumping from user to kernel: proven exploit work, bug bounty experience, and C/C++ mastery helps
  
  


• Offensive Security focused research, being published is a bonus, and security Conference speaking, blog posts, or presentations
  
  


• Moxy: Operators need to be intellectually honest to ensure that only the best plans are selected and actioned
  
  

The base salary range is 180,000 USD - 339,250 USD. Your base salary will be determined based on your location, experience, and the pay of employees in similar positions.

You will also be eligible for equity and benefits. NVIDIA accepts applications on an ongoing basis.

NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.

Apply Now