What you'd actually do

Lead the development and build of NVIDIA's attestation platform. Establish a single source of trust for the integrity of physical devices and digital systems across Data Center, Automotive, Networking, and AI ecosystems.

Define and evolve a unified attestation strategy across hardware roots of trust, firmware, and runtime integrity — partnering with security, silicon, platform, and software teams to deliver end-to-end trust from silicon to customer-facing SDKs.

Develop highly available, low-latency global cloud services, RESTful APIs, SDKs, and CLIs with 99.9%+ availability, horizontal scalability, automated rollouts, and robust observability.

Architect adaptable, rule-based appraisal policy engines (e.g., Open Policy Agent) for evaluating attestation evidence against endorsements and reference values across diverse compliance and security requirements.

Integrate attestation with firmware signing chains, provenance verification, and software bill of materials (SBOM) to ensure end-to-end supply chain trust across NVIDIA's hardware and software portfolio.

Skills

Required

BS/MS in Computer Science, Information Security, or a related field, or equivalent experience.
12+ years of experience designing and building large-scale, distributed systems and cloud services, with at least 3 years focused on security, attestation, or trusted computing.
Strong programming proficiency in C or C++
Experience with device or software attestation, including remote attestation protocols, challenge-response flows, and trust model design
Solid understanding of cryptographic concepts, PKI, attestation token formats (JWT, CWT, EAT), and platform security technologies including TEEs (Intel SGX/TDX, AMD SEV-SNP), TPMs, DICE, and SPDM.
Proven track record building and operating scalable REST APIs and microservices in production.
Experience with cloud-native platforms: Kubernetes, Docker/containers, and CI/CD pipeline development and management.
Demonstrated ability to lead complex, multi-functional technical projects from architecture through deployment and long-term operation.
Excellent communication and analytical skills

Nice to have

Rust
Go
Python
GPU or accelerator attestation
embedded security modules and TEE platforms (TPM2, AMD SEV-SNP, Intel TDX/SGX, Nitro Enclaves)
architecting and scaling attestation services in production environments
secure API communication (mTLS, token signing, certificate management)
secret/key storage solutions (e.g., HashiCorp Vault, AWS Secrets Manager)
IETF RATS architecture (RFC 9334) and associated attestation standards
maintaining or contributing to open-source repositories
rule-based policy architectures tailored to attestation appraisal and compliance requirements

What the JD emphasized

12+ years of experience designing and building large-scale, distributed systems and cloud services, with at least 3 years focused on security, attestation, or trusted computing.

Proven track record building and operating scalable REST APIs and microservices in production.

Demonstrated ability to lead complex, multi-functional technical projects from architecture through deployment and long-term operation.

Today, we’re tapping into the unlimited potential of AI to define the next era of computing. An era in which our GPU acts as the brains of computers, robots, and self-driving cars that can understand the world. Doing what’s never been done before takes vision, innovation, and the world’s best talent. As an NVIDIAN, you’ll be immersed in a diverse, supportive environment where everyone is inspired to do their best work. Come join the team and see how you can make a lasting impact on the world.

As part of the DGX Cloud organization, the Attestation Services team is building the unified trust layer for Confidential Compute and NVIDIA-wide platforms. In this role, you will architect and operate a global, cloud-native attestation platform that proves the integrity and authenticity of NVIDIA systems at scale. You’ll own highly available, multi-tenant services and APIs that meet 99.9%+ uptime targets. You’ll partner directly with security, silicon, and cloud engineering teams to turn embedded hardware trust mechanisms and attestation standards into reliable, self-service cloud capabilities. If you are passionate about building foundational security and trust services with company-wide impact, we’d love to have you on the team.

What you will be doing:

Lead the development and build of NVIDIA's attestation platform. Establish a single source of trust for the integrity of physical devices and digital systems across Data Center, Automotive, Networking, and AI ecosystems.
Define and evolve a unified attestation strategy across hardware roots of trust, firmware, and runtime integrity — partnering with security, silicon, platform, and software teams to deliver end-to-end trust from silicon to customer-facing SDKs.
Develop highly available, low-latency global cloud services, RESTful APIs, SDKs, and CLIs with 99.9%+ availability, horizontal scalability, automated rollouts, and robust observability.
Architect adaptable, rule-based appraisal policy engines (e.g., Open Policy Agent) for evaluating attestation evidence against endorsements and reference values across diverse compliance and security requirements.
Integrate attestation with firmware signing chains, provenance verification, and software bill of materials (SBOM) to ensure end-to-end supply chain trust across NVIDIA's hardware and software portfolio.
Advocate for and implement IETF RATS (RFC 9334) and related specifications such as Entity Attestation Tokens (EAT), driving interoperability with customer and partner ecosystems via both passport and background-check interaction models.
Define and promote secure development, deployment, and operational guidelines incorporating SRE principles for observability, reliability, automation, and incident response.
Mentor engineers and develop a culture of engineering excellence, clear design thinking, and high-quality execution.

What we need to see:

BS/MS in Computer Science, Information Security, or a related field, or equivalent experience.
12+ years of experience designing and building large-scale, distributed systems and cloud services, with at least 3 years focused on security, attestation, or trusted computing.
Strong programming proficiency in C or C++; experience with additional languages such as Rust, Go, or Python is a strong plus.
Experience with device or software attestation, including remote attestation protocols, challenge-response flows, and trust model design (verifier, relying party, endorser, reference value provider).
Solid understanding of cryptographic concepts, PKI, attestation token formats (JWT, CWT, EAT), and platform security technologies including TEEs (Intel SGX/TDX, AMD SEV-SNP), TPMs, DICE, and SPDM.
Proven track record building and operating scalable REST APIs and microservices in production.
Experience with cloud-native platforms: Kubernetes, Docker/containers, and CI/CD pipeline development and management.
Demonstrated ability to lead complex, multi-functional technical projects from architecture through deployment and long-term operation.
Excellent communication and analytical skills; able to thrive in a fast-paced, highly collaborative environment.

Ways to Stand Out from the Crowd:

Hands-on experience with GPU or accelerator attestation (e.g., NVIDIA Hopper/Blackwell Confidential Computing attestation reports, CC mode verification), as well as embedded security modules and TEE platforms (TPM2, AMD SEV-SNP, Intel TDX/SGX, Nitro Enclaves).
Proven experience architecting and scaling attestation services in production environments.
Experience with secure API communication (mTLS, token signing, certificate management) and secret/key storage solutions (e.g., HashiCorp Vault, AWS Secrets Manager).
Strong knowledge of the IETF RATS architecture (RFC 9334) and associated attestation standards, including attestation evidence formats and verification flows — EAT claims, CBOR/COSE structures, and endorsement matching.
Experience maintaining or contributing to open-source repositories is a bonus, with extra credit for projects directly related to attestation, confidential computing, or security (e.g., Veraison, Confidential Containers, or relevant IETF/TCG efforts) as well as proven track record designing rule-based policy architectures tailored to attestation appraisal and compliance requirements.

Widely considered to be one of the technology world’s most desirable employers, NVIDIA offers highly competitive salaries and a comprehensive benefits package. As you plan your future, see what we can offer to you and your family www.nvidiabenefits.com/

Your base salary will be determined based on your location, experience, and the pay of employees in similar positions. The base salary range is 224,000 USD - 356,500 USD for Level 5, and 272,000 USD - 431,250 USD for Level 6.

You will also be eligible for equity and benefits.

Applications for this job will be accepted at least until March 6, 2026.

This posting is for an existing vacancy.

NVIDIA uses AI tools in its recruiting processes.

NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.