Offensive Security Researcher

at Nvidia
πŸ“ Santa Clara, United States
USD 224,000-425,500 per year
MIDDLE
βœ… On-site

SCRAPED

Used Tools & Technologies

Not specified

Required Skills & Competences ?

Security @ 3 LLM @ 3

Details

NVIDIA is looking for security researchers passionate about offensive research across different platforms. You will identify hardware and software vulnerabilities, develop proofs-of-concept (PoC), and build tools to automate vulnerability research. Candidates should be creative in offensive approaches and able to excel in a fast-paced environment working on integrated software and hardware computing platforms spanning HPC data centers, consumer electronics, autonomous platforms, AI/cloud solutions, and embedded/IoT platforms.

Responsibilities

  • Identify vulnerabilities in embedded firmware and critical system software and build proof-of-concepts.
  • Collaborate with development teams to remediate discovered issues and support remediation efforts.
  • Improve tools and offensive practices for bug discovery and evaluation; develop automation to accelerate vulnerability research.
  • Model and exercise modern attack vectors against unreleased and emerging technology platforms.
  • Simulate realistic attacker behaviors and exploit design assumptions to break systems; effectively communicate findings for action.
  • Increase product resilience by working closely with software and hardware offensive security teams across a broad range of product targets.

Requirements

  • Proven offensive security research experience (CVE disclosures, publications, patents, tools, bug bounties) with demonstrated responsible disclosure practices.
  • Strong reverse engineering and automation skills (experience with IDA, Ghidra).
  • Fuzzing experience (AFL, WinAFL, Syzcaller) and exploitation skills (ROP, memory corruption).
  • Understanding of modern embedded cryptography and common security issues in embedded systems.
  • Experience with ARM / x86 / RISC-V assembly, including shellcode development, and low-level C programming.
  • Experience or understanding of micro-architectural attacks (side channels, fault injection, etc.).
  • Demonstrated ability to perform secure code reviews of complex projects and familiarity with code-quality/security practices (SDL, threat modeling).
  • Comfortable collaborating and working remotely with cross-functional teams.
  • BS/BA degree or equivalent experience.
  • 12+ years in a security-related field.

Ways to stand out

  • Ability to analyze composed systems to identify high-risk components and establish testing targets and objectives.
  • Practical skills using Hex-Rays IDA Pro and developing plugins/loaders (or similar experience with Ghidra).
  • Leveraging AI advancements to accelerate discovery and resolution of security risks; development and integration of AI tooling.
  • Experience with enclave/isolation technologies (NVIDIA CC, ARM TEE, Intel SGX/TDX, AMD SEV-SNP).
  • Experience targeting AI model components (LLM or other) within platforms.

Benefits

  • Base salary (location- and level-dependent): Level 5 range: 224,000 USD - 356,500 USD; Level 6 range: 272,000 USD - 425,500 USD.
  • Eligibility for equity and company benefits.

Applications for this job will be accepted at least until August 12, 2025. NVIDIA is an equal opportunity employer and values diversity in its workforce.