At NVIDIA, AI agents are becoming part of how work gets done across engineering and enterprise workflows! As these systems begin to access tools, call APIs, and participate in multi-step operations, the identity and security controls built primarily for human users need to evolve to support non-human and agent-driven workflows safely and reliably.
We are seeking a Principal Engineer to help define and build core agentic identity capabilities that enable trusted AI agents across NVIDIA’s internal ecosystem. This is a hands-on engineering role for someone who can turn complex problems into practical designs, quickly prototype solutions, and work across identity, security, platform, and application teams to bring the right infrastructure into production.
What you will be doing:
- Architect and build agent identity security features for agent use cases across cloud, on-premises, and hybrid environments. Apply relevant standards and patterns where possible. Rapidly prototype, validate, and iterate on innovative ways when gaps remain, such as credential brokering, token exchange, delegation, workload identity, and lifecycle management.
- Rapidly identify the highest-value MVP for ambiguous security and identity problems, prototype solutions, validate them with partner teams, and iterate toward production-ready services.
- Build reusable skills, CLI tools, APIs, and integration patterns that help internal teams embrace secure agent identity approaches across enterprise tools and platforms.
- Partner closely with teams across Enterprise Security, Product Security, Enterprise AI, Enterprise Product and relevant platform teams to align architecture with real workflow needs and operational constraints.
- Contribute to architectural direction, reviews, and engineering standards for agentic identity and related security infrastructure across the company.
- Help evaluate emerging standards, open-source technologies, and vendor capabilities in agentic identity, and translate the relevant pieces into pragmatic internal builds and roadmap recommendations.
What we need to see:
- Bachelor’s degree or Master’s degree or equivalent experience in Computer Science or a related field.
- 15+ years in software engineering, security engineering, identity, distributed systems, or related areas, including significant hands-on technical leadership.
- Proven track record to frame sophisticated problem spaces, define an MVP, prototype quickly, and evolve ideas into reliable production systems..
- Strong software engineering skills, including crafting and building backend services, APIs, automation, or platform components in programming environments. The role requires quickly learning new languages, frameworks, and tools as needed.
- Experience in offensive security, adversarial thinking, red teaming, or attack-path analysis, capable of applying that perspective to architecture decisions and security tradeoffs.
- Experience with device trust, endpoint posture, or hardware-backed trust signals, and an understanding of how device identity and device state can strengthen access decisions for agentic, workload, and human-to-agent workflows.
- Ability to collaborate across organizational boundaries, balance security with usability and adoption, and drive pragmatic technical outcomes through influence.
- Hands-on experience with container technologies (Docker, containerd, or equivalent), network infrastructure (proxies, routing, firewalls, VPNs), and general cloud service provider (CSP) environments (AWS, Azure, or GCP)
- Good understanding of existing and emerging identity and access concepts such as OAuth 2.0/2.1, OIDC, SCIM, mTLS, SPIFFE, MCP, AuthZen, certificate lifecycle management, and secrets management.
Ways to stand out from the crowd:
- Strong full-stack or software engineering instincts, including the ability to build reusable frameworks, APIs, and tooling that improve engineering velocity and consistency.
- Experience with agentic or AI-adjacent systems, such as tool-using applications, workflow orchestration, evaluation loops, policy controls, memory/context services, or trust and discovery systems.
- Familiarity with AI-specific security risks such as prompt injection, tool misuse, unauthorized access expansion, data exfiltration, or unsafe delegation patterns.
NVIDIA is widely considered to be one of the technology world’s most desirable employers. We have some of the most intelligent and hardworking people in the world working for us. If you're creative and autonomous, we want to hear from you!
Your base salary will be determined based on your location, experience, and the pay of employees in similar positions. The base salary range is 240,000 USD - 379,500 USD.
You will also be eligible for equity and benefits.
Applications for this job will be accepted at least until April 26, 2026.
This posting is for an existing vacancy.
NVIDIA uses AI tools in its recruiting processes.
NVIDIA is committed to fostering a diverse work environment and proud to be an equal opportunity employer. As we highly value diversity in our current and future employees, we do not discriminate (including in our hiring and promotion practices) on the basis of race, religion, color, national origin, gender, gender expression, sexual orientation, age, marital status, veteran status, disability status or any other characteristic protected by law.