At NVIDIA, continuous innovation in AI and accelerated computing demands robust, automated, and secure production environments! The Enterprise Security organization is seeking a Senior Cybersecurity Engineer – Identity Architecture to serve as a technical authority for Active Directory, Microsoft Entra ID, and hybrid identity security. This role is responsible for architecting, securing, and modernizing NVIDIA’s global identity platform across on-premise, cloud, and hybrid environments.
This position requires a hands-on identity architect who also supports critical operations. Take the lead in identity strategy and modernization efforts while ensuring day-to-day platform reliability, security, and audit readiness. Partner across security, infrastructure, cloud, and application teams to deliver scalable, Zero Trust aligned identity solutions at enterprise scale. We operate at the core of enterprise security, architecting and protecting identity systems that support some of the most advanced computing platforms in the world. This role offers the opportunity to influence strategy, lead modernization, engage with executives, and leave a lasting security impact—working alongside world-class engineers and security leaders.
What you'll be doing:
Architect, operationalize, and scale Zero Trust Identity and Access platforms. Lead the modern directory and cloud identity strategy, including migration of applications from on-prem Active Directory to Microsoft Entra ID.
Architect, evolve, and provide senior technical ownership for enterprise scale Active Directory and Microsoft Entra ID environments, including forest and domain design, tenant architecture, trust models, OU strategy, and globally distributed identity services.
Drive application authentication modernization (SAML, OAuth, OpenID Connect) by partnering with application owners, security, and infrastructure teams to ensure seamless migrations with minimal business disruption.
Design and implement advanced identity security controls such as Conditional Access, MFA, privileged access workflows, least-privilege access models, and identity attack-path reduction across Windows, Linux, and cloud-integrated systems.
Design and develop automation using PowerShell and Python to improve identity lifecycle management, security enforcement, operational efficiency, and platform consistency.
Establish monitoring, observability, and operational strategies to ensure availability, health, and reliability of identity services using SCOM or equivalent platforms, while providing expert-level support for complex incidents and escalations.
Lead incident management, triaging, and postmortems with security context, ensuring rapid root-cause analysis and recovery.
Architect and integrate IAM, PAM, and PKI ecosystems (e.g., Silverfort, CyberArk, AppviewX), including certificate lifecycle management, while serving as a technical lead for audit, risk, and compliance initiatives.
What we need to see:
Bachelor’s or Master’s degree in Computer Science or related field, or equivalent experience.
12+ years of experience in Active Directory architecture and security at large-scale enterprise environments.
Proven expertise designing and securing Microsoft Entra ID (Azure AD) in hybrid and cloud-first architectures.
Strong background in Windows Server security, with working knowledge of Linux authentication models.
Deep understanding of identity-based attack techniques, Zero Trust architecture, and modern IAM controls. Hands-on experience with IAM and PAM solutions (CyberArk, Silverfort, SailPoint, or similar).
Working knowledge of PKI and certificate-based authentication.
Advanced proficiency in PowerShell scripting; Python experience strongly preferred.
Experience with monitoring platforms such as SCOM, Datadog, or equivalent.
Demonstrated experience supporting enterprise audits and compliance initiatives.
Excellent written and verbal communication skills, including executive-level presentations.
Ways To Stand Out from the Crowd:
Strong analytical skills with the ability to collect, organize, and disseminate significant amounts of information with attention to detail and accuracy.
Highly independent, able to lead key technical decisions, influence project roadmap, and work effectively with team members.
Proven experience leading enterprise identity transformations or AD-to-cloud modernization programs.
Experience reducing or eliminating legacy authentication protocols at scale.
Preferred Certifications: Microsoft Certified Identity and Access Administrator (SC-300) & Azure Solutions Architect Expert. CISSP, CCSP, CEH, or equivalent senior security certifications.
NVIDIA is widely considered to be one of the technology world’s most desirable employers. We have some of the most forward-thinking and hardworking people in the world working for us. If you're creative and autonomous, we want to hear from you!
Your base salary will be determined based on your location, experience, and the pay of employees in similar positions. The base salary range is 196,000 USD - 310,500 USD. You will also be eligible for equity and benefits.
This posting is for an existing vacancy.
NVIDIA uses AI tools in its recruiting processes.
NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.