Software Development Life Cycle Reviewer - Cybersecurity

About NVIDIA

At NVIDIA, we are at the forefront of defining the next era of computing by harnessing the immense potential of AI. Our GPU technology serves as the intelligent core for advanced computers, robots, and self-driving vehicles that can comprehend the world around them. Achieving unprecedented innovations requires vision, groundbreaking ideas, and the finest talent globally. As an NVIDIAN, you will thrive in a diverse and supportive environment that inspires everyone to perform at their peak.

Do you aspire to play a crucial role in upholding NVIDIA’s rigorous standards for secure, compliant, and legally sound software delivery? We are actively seeking a meticulous and collaborative Software Development Life Cycle Reviewer - Cybersecurity to enhance our Cybersecurity team!

Role Overview

The successful candidate will be responsible for ensuring that software releases and the integration of open-source components adhere strictly to security, compliance, and licensing mandates. This role involves serving as the initial point of review for Consumer and Enterprise releases, providing expert guidance to developers navigating the Secure Development Life Cycle (SDLC), and efficiently triaging and directing licensing-related concerns.

What You’ll Be Doing

• Release Reviews: Systematically review software releases to confirm full alignment with the Secure Development Life Cycle (SDLC) and compliance with all defined release policies.
• Open Source Triage: Execute a primary review of open-source packages for license compliance, escalate complex or special cases to the Open Source Review Board (OSRB), and function as a Project Manager to guarantee the prompt conclusion of these reviews.
• Developer Mentorship (SDLC): Offer clear, practical guidance to platform developers concerning requirements intent, effective implementation methods, expected evidence, and comprehensive policy alignment. Engage with Security Architecture, Engineering, and Compliance teams for more in-depth reviews when necessary.
• Developer Mentorship (Open Source): Counsel platform developers on the Open Source License Review process, clarifying all licensing and attribution requirements. Collaborate closely with the OSRB for highly sophisticated or ambiguous cases.
• Office Hours & Support: Facilitate bi-weekly office hours and respond to developer inquiries within Slack support channels. Utilize established playbooks and guidelines to ensure developers receive consistent, accurate, and timely support.

What We Need To See

• Over 5 years of professional experience effectively collaborating with developers and diverse multi-functional teams to articulate policy requirements in an understandable and actionable manner.
• Exceptional organizational capabilities, demonstrated by the ability to manage multiple concurrent reviews and drive them to timely resolution.
• Superior written and verbal communication skills, with a proven comfort in delivering mentorship through both structured office hours and informal, ad-hoc support channels.
• A strong capacity for critical thinking, enabling appropriate escalation of issues when more profound technical or legal expertise is required.
• A Bachelor's degree or equivalent practical experience.

Key skills/competency

• Cybersecurity
• SDLC
• Open Source Compliance
• Software Release Management
• Licensing Requirements
• Policy Enforcement
• Developer Support
• Risk Management
• Communication Skills
• Compliance Auditing