NVIDIA is seeking a Security Engineer to address the challenge of enabling secure, efficient, and auditable software releases by integrating open source license management, legal policy alignment, and risk remediation into the development lifecycle.
Requirements
- Proficiency in Python and/or Go for backend services and platform logic.
- Experience designing REST APIs and deploying services in containerized cloud-native environments.
- Familiarity with open source license types (e.g., GPL, Apache, MIT) and their legal implications.
- Strong understanding of SBOM formats (e.g., SPDX, CycloneDX) and license detection tools.
- Solid experience with CI/CD workflows and developer toolchains (e.g., GitHub, Jenkins, GitLab).
- Experience building or integrating AI/agentic systems that support reasoning over license metadata or compliance guidance.
- Hands-on experience with legal compliance platforms, OSS license management, or policy-as-code implementations.
Responsibilities
- Design and implement full-stack applications to automate secure and compliant software release workflows.
- Streamline the legal intake process by simplifying how developers register OSS usage and request license approvals through automation and smarter defaults.
- Build backend services and integrations to detect, assess, and track open source license usage across source code, containers, and binary artifacts.
- Develop APIs and tools that surface license risks to developers early in the lifecycle and enable secure-by-default release pipelines.
- Build agentic workflows that improve license data quality, resolve metadata gaps, and offer guidance for low-risk OSS usage scenarios.
- Integrate with internal platforms for SBOM generation, license risk analysis, vulnerability scanning, and PLC readiness to ensure SOL-aligned releases.
- Contribute to standardizing license classification, remediation workflows, and policy guardrails across teams.
Other
- Bachelor’s degree in Computer Science, Information Security, or equivalent experience.
- Strong collaboration and multi-functional communication skills.
- Experience integrating SCA (Software Composition Analysis) tools and managing remediation at scale.
- Background working with legal, open source, or policy governance teams in fast-paced product environments.
- Frontend proficiency with Angular and/or ReactJS for building intuitive UIs for legal or compliance insights.