Used Tools & Technologies
Not specified
Required Skills & Competences
Tag name is followed by "@" symbol and proficiency level value.
About proficiency levels:
- 1-2 — basic awareness. Minimal hands-on experience, and a rudimentary understanding of the technology's purpose;
- 3-6 — daily use. Comfortable and regular usage, capable of handling common tasks and challenges related to the technology;
- 7-9 — you are an expert, you can teach others, you know all the pitfalls and tricks;
- 10 — exceptional knowledge, comprehensive understanding, and adeptness in all aspects of the technology, including advanced problem-solving. Think twice before claiming or demanding such a level.
Security @ 4
Go @ 7
Linux @ 3
Python @ 7
Distributed Systems @ 8
Leadership @ 4
Scoping @ 4
gRPC @ 3
Protobuf @ 3
Rust @ 7
API @ 4
Audit @ 4
AI @ 4
Details
NVIDIA Cloud Engineering & Services is building an enterprise governance layer for agentic systems: signed policy, runtime verification, policy projection, credential mediation, detector verdict handling, and common audit across runtime substrates and enterprise integrations. This role is to mature an APF v0 proof-of-life into a robust core platform for governed agent action, including signed policy, Runtime Policy Verifier, projection, conformance, and failure mode handling for APF deployments.
Responsibilities
- Own APF Core Services: build and harden the Runtime Policy Verifier, signed policy bundle verification, trust-root handling, freshness, rollback protection, subject binding to attested runtime context, revocation checks, and authorization APIs used by APF-compatible enforcement points.
- Design Policy Projection: implement deterministic projections from the canonical APF policy into OpenShell-native runtime policy, adapter constraints, credential constraints, audit requirements, and model-visible tool hints while preserving the atomic projection-admission contract.
- Build Conformance and Verification: create golden fixtures, compatibility tests, negative tests, fuzz/property tests, and conformance suites that prove APF-compatible runtimes and adapters honor the same contract.
- Collaborate with Runtime Owners: engage alongside OpenShell and Infrastructure engineers on public runtime interfaces for projection consumption, runtime context attestation, approved adapter paths, direct egress verification, and admission/rejection semantics.
- Land the Runtime Integration Surfaces: own cross-team work to land public substrate interfaces APF composes against — runtime-context attestation, approved adapter path declaration, projection acceptance and rejection semantics, quarantine, and stop-session hooks — and publish each as a public RFC or PR.
- Drive Architecture Maturity: define versioning, schema compatibility, latency budgets, availability behavior, fail-closed defaults, last-known-good policy handling, and produce engineering review artifacts for Product Security, Fleet, Identity, and partner teams.
- Evolve Technical Specifications: write specifications, defend bounded claims in security and architecture reviews, drive open-decision resolution, and turn working-draft contracts into engineering artifacts adoptable by Product Security, Fleet, Identity, and partner runtimes.
Requirements
- Bachelor's degree (or equivalent experience) with 15+ years of industry experience in systems software, security engineering, distributed systems, or policy infrastructure.
- Technical Core: strong programming skills in Rust, Go, C++, or Python; experience designing production services, APIs, schemas, policy engines, authorization systems, or signed artifact pipelines.
- Infrastructure Familiarity: Linux systems, IPC or service-to-service APIs, protobuf/gRPC or equivalent wire formats, CI, test automation, release engineering, and cloud or enterprise deployment environments.
- Security Engineering: practical experience with authorization, cryptographic signatures, trust roots, revocation, subject binding, rollback protection, secure-by-default failure handling, and zero-trust architecture patterns.
- Architecture Leadership: ability to write streamlined technical specifications, align multiple engineering owners, defend bounded claims, and turn working-draft architecture into buildable interfaces without over-scoping the runtime.
Ways to Stand Out
- Runtime Policy Systems: experience with OPA/Rego, Cedar, Zanzibar-style authorization, policy compilers, sandbox policy, or runtime enforcement systems.
- Agent Runtime Security: familiarity with agent frameworks, tool-call governance, sandboxed execution, OpenShell-like runtime substrates, MCP-style tool routing, or credential isolation for agents.
- Supply Chain and Signing: experience with Sigstore, TUF, in-toto, HSM-backed signing, package provenance, signed configuration, or enterprise trust-root distribution.
- Formal or Adversarial Verification: experience using property testing, model checking, symbolic execution, red-team findings, or bounded verification to constrain security claims.
- Standards engagement: experience contributing to RFCs in identity, supply-chain, or policy spaces (IETF, OpenID Foundation, FIDO Alliance, CNCF, NIST).
Compensation and Benefits
- Base salary range: 272,000 USD - 431,250 USD (final base determined by location, experience, and pay of employees in similar positions).
- Eligible for equity and NVIDIA benefits (link to NVIDIA benefits referenced in original posting).
Company & Application
- Applications for this job will be accepted at least until June 26, 2026.
- This posting is for an existing vacancy.
- NVIDIA uses AI tools in its recruiting processes and is an equal opportunity employer committed to diversity and inclusion.