Jobs · Engineering

Principal Software Engineer, Agent Policy Fabric

NVIDIA · Texas, United States · 2 wk ago
RemoteRemoteEngineeringFull-time

About the role

The Cloud Engineering & Services team is building an enterprise governance layer for agentic systems. The Principal Software Engineer, Agent Policy Fabric (APF) Core Platform, will play a critical role in building the foundations for the signed policy, Runtime Policy Verifier, projection, conformance, and failure mode that future APF deployments depend on.

Responsibilities

  • Own APF Core Services: Build and harden the Runtime Policy Verifier, signed policy bundle verification, trust-root handling, freshness, rollback protection, subject binding to attested runtime context, revocation checks, and authorization APIs used by APF-compatible enforcement points.
  • Design Policy Projection: Implement deterministic projections from the canonical APF policy into OpenShell-native runtime policy, adapter constraints, credential constraints, audit requirements, and model-visible tool hints, while preserving the atomic projection-admission contract.
  • Create golden fixtures, compatibility tests, negative tests, fuzz/property tests, and conformance suites that prove APF-compatible runtimes and adapters honor the same contract.
  • Collaborate with Runtime Owners: Engage alongside OpenShell and Infrastructure engineers on public runtime interfaces for projection consumption, runtime context attestation, approved adapter paths, direct egress verification, and admission/rejection semantics.
  • Land the Runtime integration surfaces. Own the cross-team work with OpenShell and other runtime owners to land public substrate interfaces APF composes against — runtime-context attestation, approved adapter path declaration, projection acceptance and rejection semantics, quarantine, and stop-session hooks. Land each as a public RFC or PR.
  • Drive Architecture Maturity: Define versioning, schema compatibility, latency budgets, availability behavior, fail-closed defaults, last-known-good policy handling, and engineering review artifacts for Product Security, Fleet, Identity, and partner teams.
  • Evolve technical specifications. Write specifications, defend bounded claims in security and architecture reviews, drive open-decision resolution, and turn working-draft contracts into engineering artifacts that Product Security, Fleet, Identity, and partner runtimes can adopt.

Requirements

  • Bachelor's degree (or equivalent experience) with 15+ years of industry experience in systems software, security engineering, distributed systems, or policy infrastructure.
  • Strong programming skills in Rust, Go, C++, or Python; experience designing production services, APIs, schemas, policy engines, authorization systems, or signed artifact pipelines.
  • Linux systems, IPC or service-to-service APIs, protobuf/gRPC or equivalent wire formats, CI, test automation, release engineering, and cloud or enterprise deployment environments.
  • Practical experience with authorization, cryptographic signatures, trust roots, revocation, subject binding, rollback protection, secure-by-default failure handling, and zero-trust architecture patterns.
  • Ability to write streamlined technical specifications, align multiple engineering owners, defend bounded claims, and turn working-draft architecture into buildable interfaces without over-scoping the runtime.

Qualifications

  • Experience with OPA/Rego, Cedar, Zanzibar-style authorization, policy compilers, sandbox policy, or runtime enforcement systems.
  • Familiarity with agent frameworks, tool-call governance, sandboxed execution, OpenShell-like runtime substrates, MCP-style tool routing, or credential isolation for agents.
  • Experience with Sigstore, TUF, in-toto, HSM-backed signing, package provenance, signed configuration, or enterprise trust-root distribution.
  • Experience using property testing, model checking, symbolic execution, red-team findings, or bounded verification to constrain security claims.
  • Experience contributing to RFCs in identity, supply-chain, or policy spaces (IETF, OpenID Foundation, FIDO Alliance, CNCF, NIST).

Skills

  • Runtime Policy Systems: Experience with OPA/Rego, Cedar, Zanzibar-style authorization, policy compilers, sandbox policy, or runtime enforcement systems.
  • Agent Runtime Security: Familiarity with agent frameworks, tool-call governance, sandboxed execution, OpenShell-like runtime substrates, MCP-style tool routing, or credential isolation for agents.
  • Supply Chain and Signing: Experience with Sigstore, TUF, in-toto, HSM-backed signing, package provenance, signed configuration, or enterprise trust-root distribution.
  • Formal or Adversarial Verification: Experience using property testing, model checking, symbolic execution, red-team findings, or bounded verification to constrain security claims.
  • Standards engagement: Experience contributing to RFCs in identity, supply-chain, or policy spaces (IETF, OpenID Foundation, FIDO Alliance, CNCF, NIST).

Benefits

  • Competitive salaries
  • A generous benefits package

Pay

Base salary range: 272,000 USD - 431,250 USD

Schedule

Full-time

Similar jobs