Penetration Tester

Details

At NVIDIA, we’re tapping into the unlimited potential of AI to define the next era of computing. An era in which our GPU acts as the brains of computers, robots, and self-driving cars that can understand the world. Doing what’s never been done before takes vision, innovation, and the world’s best talent. NVIDIA’s Offensive Security team is seeking a seasoned Penetration Tester to plan, prioritize, and implement high-impact security assessments across a wide range of technologies. As part of the broader Product Security organization, you will act as a trusted security advisor, partnering with engineering teams to identify vulnerabilities, model threats, and enable secure product development. Our scope goes far beyond traditional web applications — from cloud-native platforms to AI/ML pipelines and outstanding NVIDIA hardware interfaces, this role offers a chance to break things you’ve never seen broken before!

Responsibilities

• Perform open-box penetration testing and adversarial assessments across diverse environments, including APIs, cloud infrastructure, automation pipelines, and custom platforms.
• Engage cross-functional product teams to define scope, set expectations, and collaboratively schedule assessments.
• Assess risk and prioritize testing based on asset criticality, exposure, and business impact — helping teams understand trade-offs when resources are limited.
• Drive communication around assessment pipeline and capacity, using clear messaging across verbal, visual, and written formats.
• Lead and participate in threat modeling sessions and scenario-based tabletop exercises that inform secure design and architecture decisions.
• Deliver actionable findings, technical recommendations, and remediation guidance tailored to a wide variety of audiences.

Requirements

• Bachelor’s degree or equivalent experience.
• 8+ years of practical offensive security or red teaming experience, including a consistent track record of impactful findings or public vulnerabilities.
• Strong interpersonal and partner leadership skills — able to establish rapport and maintain trust while delivering difficult messages.
• An attitude passionate about progress and demonstrated success in adapting to new, challenging situations.
• Familiarity with infrastructure as code, CI/CD tooling, or environments like Kubernetes and Terraform.
• A collaborative, consultative approach grounded in service, emotional intelligence, and technical rigor.

Ways To Stand Out from the crowd

• Deep expertise in Burp Suite or prior experience as a Red Team operator.
• Research contributions, CVEs, or published work in the security space.
• Relevant personal projects, GitHub activity, conference talks, or blog content that demonstrate a passion for offensive security.
• Advanced certifications such as OSWE, OSEP, or similar.