NVIDIA is seeking a Cybersecurity Manager to join our Cyber Defense & Response (CDR) team. You will lead security operations and incident response initiatives across the organization. This role is ideal for a security leader who confidently addresses critical security incidents and swiftly makes containment decisions. It includes supporting the team's health, operational processes, and cross-function collaborations that foster a strong, high-performing security function.
Serving as a manager on the Cyber Defense & Response team, you will guide the complete incident response lifecycle. You will ensure operational preparedness is maintained to support it. You will convert NVIDIA’s engineering-first, technology-focused, data-informed defense strategy into practical plans. You will partner closely with skilled incident responders, security engineers, threat intelligence specialists, and product, platform, and engineering teams to safeguard NVIDIA’s corporate, cloud, and product environments.
What you'll be doing:
- Lead day-to-day Cyber Defense & Response (CDR) functions, ensuring operational readiness, execution rigor, and alignment with NVIDIA’s cybersecurity strategy.
- Responsible for the incident response lifecycle from start to finish. Act as the point person for critical incidents and lead efforts to investigate, contain, recover, and review the incident afterward.
- Increase detection and response efficiency by continuously broadening coverage across on-premises and multi-cloud environments, targeting GPU-accelerated and AI/ML workloads.
- Set detection expectations and standards aligned to NVIDIA’s threat landscape, defining monitoring requirements, coverage goals, and compliance requirements.
- Own operational performance and outcomes, including MTTD, MTTC, MTTR, detection coverage, alert quality, and false-positive reduction—focused on root-cause improvement.
- Run CDR improvements following agile methods, keeping a risk-prioritized backlog and guiding delivery via planning, reviews, and retrospectives.
- Drive agentic transformation of manual SOC work — identify repetitive analyst tasks and convert them into automated, event-based AI pipelines.
- Partner with Security Engineering to operationalize tooling, automation, playbooks, and post-incident improvements that measurably improve response efficiency.
What we need to see:
- Bachelor's degree in Computer Science or related field, or equivalent experience.
- 8+ overall years of experience in cybersecurity, including 3+ years managing people within a SOC or incident response function.
- Strong technical depth to step into an active incident independently — reading SIEM queries, evaluating automation workflows, investigating alerts, and assessing case quality with deep expertise in SOC-relevant domains (digital forensics & incident response, cloud security, detection engineering, log analysis, malware analysis, or security automation).
- Strong knowledge of cloud security (AWS, Azure, GCP, and other CSPs), identity and access management, endpoint protection, and securing containerized or GPU-based AI/ML workloads.
- Demonstrated experience owning operational metrics and driving measurable improvements.
- Experience building or improving incident response processes, playbooks, and critical issue workflows.
- Proven ability to lead global, 24x7 teams across distributed shift structures using agile practices, with ownership of backlog prioritization and sprint metrics.
- Ability to convey complex security concepts clearly to engineers, executives, and legal and compliance partners.
Ways to stand out from the crowd:
- Calm, decisive leadership during high-severity incidents — leading teams, making containment calls under pressure, and presenting clearly across technical and executive stakeholders.
- Track record deploying security automation, orchestration, analytics, and AI agentic SOC workflows that measurably reduce manual workload, false positives, analyst toil, and response times.
- Experience developing detections and response playbooks for AI/ML systems, coordinating with product or supply‑chain security teams, and integrating or migrating SIEM/EDR across hybrid multi‑cloud environments, including CSP log sources, MDR partners, and co‑managed detection and response models.
- Relevant certifications such as GCIH, GCFA, GCFR, CISSP, or AWS/Azure/Google Security.
- Recognized builder of team culture — cultivating psychological safety, fostering continuous learning, and celebrating wins while holding standards high.
NVIDIA is widely considered to be one of the technology world’s most desirable employers. We have some of the most forward-thinking and hardworking people in the world working for us. If you're creative and autonomous, we want to hear from you!