Senior Security Architect, Cloud Authentication and Authorization

🕒 il y a 20 jours

🏄 California, North Carolina, +1 états de plus – Distant

🏄 California – Remote 🌲 North Carolina – Remote 🤠 Texas – Remote

💵 $184 000 - $287 500 / an

⏰ Temps Plein

🟠 Senior

👮‍♂️ Cybersécurité / Ingénieur Sécurité

🦅 Parrain de Visa H1B

Cette entreprise a parrainé des visas H1B par le passé.

Postuler Maintenant

Trouver des Emplois à Distance Similaires

Recevoir des emails pour des emplois à distance

📊 Vérifiez votre score de CV pour ce poste

Améliorez vos chances d'obtenir un entretien en vérifiant votre score de CV avant de postuler.

Télécharger le CV

NVIDIA

Site WebLinkedInTous les Emplois

10 000+ employés

Fondée en 1993

🤖 Intelligence artificielle

🎮 Jeux vidéo

Artificial Intelligence • Gaming • Automotive

NVIDIA est une entreprise technologique de premier plan, spécialisée dans le calcul accéléré et l’intelligence artificielle (IA). NVIDIA est à l’avant‑garde des avancées en GPU (processeurs graphiques), cloud computing, centres de données et réalité virtuelle, avec un accent particulier sur les secteurs du gaming, de l’automobile, de la santé et de la robotique. Ses innovations, telles que NVIDIA Omniverse, transforment les processus numériques traditionnels en permettant des simulations haute fidélité et des tâches de rendu de pointe. Ses applications couvrent de nombreux secteurs, des véhicules autonomes avec NVIDIA DRIVE aux solutions de santé avec NVIDIA Clara, ainsi que des analyses et workflows pilotés par l’IA.

Description

• Outline the security architecture strategy for cloud authentication, authorization, workload identity, and agent identity across NVIDIA cloud platforms, AI-enabled systems, enterprise connectors, services, and automation. • Outline processes for establishing, linking, authorizing, delegating, auditing, and retiring human, workload, service, and autonomous agent identities, including attestation-supported identity issuance and certificate-based or temporary credentials. • Develop authorization and delegation frameworks for AI agents and enterprise connectors, encompassing consent, token exchange, prioritized authority, sensitive-action approval, revocation, and protections against confused-deputy behavior. • Lead architecture reviews and threat modeling for high-risk identity and access flows, turning ambiguous scenarios into practical controls that engineering teams can build and verify. • Establish identity lifecycle, telemetry, and emergency-disablement patterns for token issuance, policy decisions, privilege elevation, tool invocation, data access, credential rotation, grant revocation, and compromised or untrusted identities. • Convert emerging AI security risks into authentication, authorization, audit, and execution-boundary requirements. • Partner with identity, cloud, platform, application, AI security, governance, detection, and incident response teams to align architecture decisions with risk strategy and operational reality. • Build reusable architecture patterns, decision records, exception criteria, and implementation mentorship, staying engaged through adoption, validation, and residual-risk closure.

🎯 Exigences

• 8+ years experience in cybersecurity, security architecture, cloud security, IAM, application security, product security, platform security, infrastructure security, or security engineering for distributed systems. • Extensive knowledge in cloud authentication, authorization, IAM, workload identity, agent identity, non-human identity, or identity architecture, combined with hands-on experience in developing, managing, deploying, or assuming direct responsibility for authentic security controls. • Bachelor’s degree in Engineering, Cybersecurity, Data Engineering, or a related technical field, or equivalent experience. • Proficiency in authentication and authorization protocols and frameworks, such as OIDC, OAuth 2.0, SAML, federation, delegation, token exchange, token scope, issuer and audience boundaries, consent, mTLS, certificate-backed identity, prioritized access, and associated technologies. • Direct involvement in handling workload and agent identities, covering attestation processes, Zero Trust Architecture concepts, short-lived credentials, and temporary identities. • Experience developing authorization boundaries for distributed systems, including fine-grained authorization patterns, control points, prioritized delegation, model/data/tool access controls, sensitive-action approval, and execution boundaries. • Proficiency with identity and certificate lifecycle management, including enrollment, provisioning, scope definition, prioritized issuance, renewal, rotation, revocation, expiration, auditability, deprovisioning, lifecycle automation, and awareness of crypto-agility and post-quantum cryptography implications. • Hands-on understanding of AI security risks combined with adequate proficiency in AI-enabled systems to assess timely injection, data exfiltration, unsafe tool use, overbroad authorization, and loss of human accountability. • Strong foundational cybersecurity judgment, including threat modeling, architecture review, risk analysis, practical mitigation development, clear communication of assumptions, partner-team alignment, and follow-through through implementation, verification, documentation, and closure.

🏖️ Avantages

• equity • benefits