Principal Engineer, Security & Access Management (Agentic AI)

About the Role

Key Responsibilities

• Lead the technical direction and architecture for the team, making key decisions on technology stacks, and design patterns for identity and access management.
• Mentor and guide a talented team of security engineers, fostering a culture of innovation, collaboration, and excellence.
• Translate the team's vision and business requirements into a clear technical roadmap and tangible deliverables.
• Collaborate with cross-functional teams, including product, engineering, and compliance, to deliver cohesive and secure solutions.
• Design, build, and maintain robust, scalable, and secure authentication and authorization services using modern protocols like OAuth 2.0 and OpenID Connect (OIDC).
• Serve as the in-house expert on all aspects of identity, from fundamental concepts to intricate implementation details.
• Pioneer the security strategy for the Agentic AI platform, addressing unique challenges and threats.
• Conduct threat modeling for AI agents and multi-agent systems to identify and mitigate risks such as prompt injection, model exploitation, and data poisoning.
• Design and implement security controls for the entire AI model lifecycle, from data ingress to model deployment and inferencing.
• Participate in the security community, contribute to RFC documents related to authentication, authorization, or security best practices.
• Ensure security practices and services are compliant with relevant industry standards and regulations, interfacing with auditors for certifications such as FedRAMP, HIPAA, and ISO 27001.

Requirements

• Bachelor's degree in Computer Science, Engineering, or a related field, or equivalent practical experience.
• 8+ years of experience in software engineering, with at least 4 years in a security-focused role.
• Deep, hands-on expertise with OAuth 2.0 and OIDC, including a thorough understanding of the specifications and various grant types.
• Proven experience in designing and building highly scalable, distributed, and fault-tolerant systems.
• Strong programming skills in one or more languages such as Go, Python, Java, or Rust.
• Excellent leadership and communication skills, with the ability to articulate complex technical concepts to both technical and non-technical audiences.
• Experience with maintaining software that is delivered in an on-premise or self-managed environment.

Nice to Have

• Master's degree or PhD in a relevant field.
• Demonstrable experience authoring, reviewing, or providing significant contributions to IETF RFCs or similar standards documents.
• Experience in securing AI/ML systems, with a focus on the security challenges of Agentic AI.
• Familiarity with identity and access management standards such as SAML, SCIM, and WebAuthn.
• Experience with cloud-native security and identity services (e.g., AWS IAM, Google Cloud Identity, Azure AD).
• A passion for open-source and contributions to relevant projects.
• Ability to meet requirements for U.S. Government contract work, including U.S. Citizenship.

Benefits & Perks

• Medical, Dental & Vision Insurance
• Flexible Time Off Program
• Paid Holidays
• Paid Parental Leave
• Global Employee Assistance Program (EAP)