[Remote] Senior Software Engineer, Attestation Services - DGX Cloud
Note: The job is a remote job and is open to candidates in USA. NVIDIA is a leading technology company known for its innovation in AI and computing. They are seeking a Senior Software Engineer to lead the development of a global, cloud-native attestation platform that ensures the integrity and authenticity of NVIDIA systems. The role involves architecting services and APIs, collaborating with various engineering teams, and mentoring engineers.ResponsibilitiesLead the development and build of NVIDIA's attestation platform. Establish a single source of trust for the integrity of physical devices and digital systems across Data Center, Automotive, Networking, and AI ecosystemsDefine and evolve a unified attestation strategy across hardware roots of trust, firmware, and runtime integrity — partnering with security, silicon, platform, and software teams to deliver end-to-end trust from silicon to customer-facing SDKsDevelop highly available, low-latency global cloud services, RESTful APIs, SDKs, and CLIs with 99.9%+ availability, horizontal scalability, automated rollouts, and robust observabilityArchitect adaptable, rule-based appraisal policy engines (e.g., Open Policy Agent) for evaluating attestation evidence against endorsements and reference values across diverse compliance and security requirementsIntegrate attestation with firmware signing chains, provenance verification, and software bill of materials (SBOM) to ensure end-to-end supply chain trust across NVIDIA's hardware and software portfolioAdvocate for and implement IETF RATS (RFC 9334) and related specifications such as Entity Attestation Tokens (EAT), driving interoperability with customer and partner ecosystems via both passport and background-check interaction modelsDefine and promote secure development, deployment, and operational guidelines incorporating SRE principles for observability, reliability, automation, and incident responseMentor engineers and develop a culture of engineering excellence, clear design thinking, and high-quality executionSkillsBS/MS in Computer Science, Information Security, or a related field, or equivalent experience12+ years of experience designing and building large-scale, distributed systems and cloud services, with at least 3 years focused on security, attestation, or trusted computingStrong programming proficiency in C or C++; experience with additional languages such as Rust, Go, or Python is a strong plusExperience with device or software attestation, including remote attestation protocols, challenge-response flows, and trust model design (verifier, relying party, endorser, reference value provider)Solid understanding of cryptographic concepts, PKI, attestation token formats (JWT, CWT, EAT), and platform security technologies including TEEs (Intel SGX/TDX, AMD SEV-SNP), TPMs, DICE, and SPDMProven track record building and operating scalable REST APIs and microservices in productionExperience with cloud-native platforms: Kubernetes, Docker/containers, and CI/CD pipeline development and managementDemonstrated ability to lead complex, multi-functional technical projects from architecture through deployment and long-term operationExcellent communication and analytical skills; able to thrive in a fast-paced, highly collaborative environmentHands-on experience with GPU or accelerator attestation (e.g., NVIDIA Hopper/Blackwell Confidential Computing attestation reports, CC mode verification), as well as embedded security modules and TEE platforms (TPM2, AMD SEV-SNP, Intel TDX/SGX, Nitro Enclaves)Proven experience architecting and scaling attestation services in production environmentsExperience with secure API communication (mTLS, token signing, certificate management) and secret/key storage solutions (e.g., HashiCorp Vault, AWS Secrets Manager)Strong knowledge of the IETF RATS architecture (RFC 9334) and associated attestation standards, including attestation evidence formats and verification flows — EAT claims, CBOR/COSE structures, and endorsement matchingExperience maintaining or contributing to open-source repositories is a bonus, with extra credit for projects directly related to attestation, confidential computing, or security (e.g., Veraison, Confidential Containers, or relevant IETF/TCG efforts) as well as proven track record designing rule-based policy architectures tailored to attestation appraisal and compliance requirementsBenefitsEquityComprehensive benefits packageCompany OverviewNVIDIA is a computing platform company operating at the intersection of graphics, HPC, and AI. It was founded in 1993, and is headquartered in Santa Clara, California, USA, with a workforce of 10001+ employees. Its website is https://www.nvidia.com.Company H1B SponsorshipNVIDIA has a track record of offering H1B sponsorships, with 448 in 2026, 1872 in 2025, 1354 in 2024, 976 in 2023, 835 in 2022, 601 in 2021, 529 in 2020. Please note that this does not guarantee sponsorship for this specific role.