NVIDIA's Offensive Security Team needs an Offensive Security Researcher to help discover and root out low-level vulnerabilities in the kernel, hypervisor, or firmware layers. The Researcher’s main focus is to find attack paths in low level systems and produce proof-of-concept exploits, enabling us to tell meaningful stories as we drive security across our most critical products! Know anyone interested in finding low level vulnerabilities? If so, they should happily apply to NVIDIA's exciting new research role where we can all benefit from their knowledge and experience. What you will be doing:
Plan, scope, and implement partner hackathon operations against mostly server systems
Scout the threat landscape of low-level microcode, pursuing opportunities when discovered to build our exploit equity
Partner with other NVIDIA Offensive Security Researchers to take on our hardest problems over time: this race is a marathon and not a sprint
Build new adversary tools, techniques, or methodologies for lower level systems, accommodating partner teams with reasonable expectations and timeframes
What we need to see:
8+ years demonstrated ability as a kernel exploit developer or applied security researcher for a company, organization, or both: security boundaries fall before the skills of the researcher
Track record of published or unpublished CVEs, bug discovery, or proof-of-concept creation for the lower level tech stack without mitigations removed (disabled AMSI is not the way)
Growth Mindset. NVIDIA has hard problems to solve, and we are excited for opportunities to discover new attacks every day
Helpful demeanor, as we are trusted adversaries and that trust needs to remain strong
Bachelor's degree (or equivalent experience) in Computer Science, Information Security or a related field
Ways to stand out from the crowd:
Published CVEs against the hypervisor, kernel, or low-level microcode: race conditions are a bonus!
Practiced methodology for developing syscalls and jumping from user to kernel: proven exploit work, bug bounty experience, and C/C mastery helps
Offensive Security focused research, being published is a bonus, and security Conference speaking, blog posts, or presentations
Moxy: Operators need to be intellectually honest to ensure that only the best plans are selected and actioned
The base salary range is 180,000 USD - 339,250 USD. Your base salary will be determined based on your location, experience, and the pay of employees in similar positions.You will also be eligible for equity and benefits (https://www.nvidia.com/en-us/benefits/) . NVIDIA accepts applications on an ongoing basis. NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.NVIDIA is a Learning Machine NVIDIA pioneered accelerated computing to tackle challenges no one else can solve. Our work in AI and the metaverse is transforming the world's largest industries and profoundly impacting society. Learn more about NVIDIA .