Key skills
RustGoC++PythonLinux systemsIPCService-to-service APIsprotobufgRPCTest automationRelease engineeringCloud deploymentEnterprise deploymentAuthorization systemsCryptographic signaturesTrust rootsRevocationSubject bindingRollback protectionZero-trust architectureOPA/RegoCedarZanzibar-style authorizationPolicy compilersSandbox policyRuntime enforcement systemsAgent frameworksTool-call governanceSandboxed executionOpenShell runtime substratesMCP-style tool routingCredential isolationSigstoreTUFin-totoHSM-backed signingPackage provenanceSigned configurationEnterprise trust-root distributionProperty testingModel checkingSymbolic executionRed-team findingsBounded verificationTechnical specification writingArchitecture leadershipCAgentic
About this role
NVIDIA is widely recognized as one of the most desirable employers, with a strong focus on innovation in technology. They are seeking a Principal Software Engineer for the Agent Policy Fabric Core Platform to build a robust governance layer for agentic systems, focusing on policy verification and integration with runtime environments.
Responsibilities:
- Own APF Core Services: Build and harden the Runtime Policy Verifier, signed policy bundle verification, trust-root handling, freshness, rollback protection, subject binding to attested runtime context, revocation checks, and authorization APIs used by APF-compatible enforcement points
- Design Policy Projection: Implement deterministic projections from the canonical APF policy into OpenShell-native runtime policy, adapter constraints, credential constraints, audit requirements, and model-visible tool hints, while preserving the atomic projection-admission contract
- Build Conformance and Verification: Create golden fixtures, compatibility tests, negative tests, fuzz/property tests, and conformance suites that prove APF-compatible runtimes and adapters honor the same contract
- Collaborate with Runtime Owners: Engage alongside OpenShell and Infrastructure engineers on public runtime interfaces for projection consumption, runtime context attestation, approved adapter paths, direct egress verification, and admission/rejection semantics
- Land the Runtime integration surfaces. Own the cross-team work with OpenShell and other runtime owners to land public substrate interfaces APF composes against — runtime-context attestation, approved adapter path declaration, projection acceptance and rejection semantics, quarantine, and stop-session hooks. Land each as a public RFC or PR
- Drive Architecture Maturity: Define versioning, schema compatibility, latency budgets, availability behavior, fail-closed defaults, last-known-good policy handling, and engineering review artifacts for Product Security, Fleet, Identity, and partner teams
- Evolve technical specifications. Write specifications, defend bounded claims in security and architecture reviews, drive open-decision resolution, and turn working-draft contracts into engineering artifacts that Product Security, Fleet, Identity, and partner runtimes can adopt
Requirements:
- Bachelor's degree (or equivalent experience) with 15+ years of industry experience in systems software, security engineering, distributed systems, or policy infrastructure
- Strong programming skills in Rust, Go, C++, or Python; experience designing production services, APIs, schemas, policy engines, authorization systems, or signed artifact pipelines
- Linux systems, IPC or service-to-service APIs, protobuf/gRPC or equivalent wire formats, CI, test automation, release engineering, and cloud or enterprise deployment environments
- Practical experience with authorization, cryptographic signatures, trust roots, revocation, subject binding, rollback protection, secure-by-default failure handling, and zero-trust architecture patterns
- Ability to write streamlined technical specifications, align multiple engineering owners, defend bounded claims, and turn working-draft architecture into buildable interfaces without over-scoping the runtime
- Experience with OPA/Rego, Cedar, Zanzibar-style authorization, policy compilers, sandbox policy, or runtime enforcement systems
- Familiarity with agent frameworks, tool-call governance, sandboxed execution, OpenShell-like runtime substrates, MCP-style tool routing, or credential isolation for agents
- Experience with Sigstore, TUF, in-toto, HSM-backed signing, package provenance, signed configuration, or enterprise trust-root distribution
- Experience using property testing, model checking, symbolic execution, red-team findings, or bounded verification to constrain security claims
- Experience contributing to RFCs in identity, supply-chain, or policy spaces (IETF, OpenID Foundation, FIDO Alliance, CNCF, NIST)