
Principal Security Architect, Agent Policy Fabric
Posted 1 day ago

Posted 1 day ago
This is a fully remote position, open to applicants in California, +4 more states.
• Articulate the cross-company reference architecture for managed agent actions, encompassing durable policies, runtime controls, adapter boundaries, credential mediation, detector responses, audit correlation, failure modes, and criteria for production readiness.
• Convert Agent Policy Fabric concepts into executive-level decision documents, engineering standards, threat models, control objectives, and implementation milestones, without treating working-draft architecture as a predetermined product direction.
• Collaborate with Product Security, OpenShell, Omnistation, Identity, IT, Fleet/MDM, SecOps, 3S, legal/privacy, and corporate resource owners to clarify ownership of each control surface and the transition of agent workflows from proof-of-life to enterprise pilot.
• Create review patterns for agent workflows, which include policy authoring, approval, signing, runtime admission, credential issuance, direct-egress controls, audit evidence, anomaly management, and break-glass procedures.
• Update senior leaders, customer-facing teams, and partner engineering teams on NVIDIA's agent security stance, APF evolution roadmap, open decisions, known limitations, and the evidence necessary for broader deployment.
• A Bachelor’s degree (or equivalent experience) with over 15 years in the industry specializing in security architecture, product security, enterprise security platforms, identity and access management, cloud security, or infrastructure governance.
• Proven capability to spearhead ambiguous, cross-functional security initiatives across product, platform, infrastructure, IT, and security operations teams.
• Solid understanding of agentic AI risks, tool-call governance, prompt-injection limits, sandbox boundaries, credential exposure risks, audit requirements, and the distinctions between containment, authorization, and monitoring.
• Experience in designing controls regarding identity, authorization, policy, secrets, network egress, runtime isolation, telemetry, SIEM integration, exception workflows, and compliance evidence.
• Proficiency in drafting clear architecture memos, decision records, threat models, standards, and adoption plans that cater to both senior leadership and implementation teams.
• Competitive salaries
• Generous benefits package
• Equity
NerdWallet
BlueLeaders
Reco
Sysdig
Get handpicked remote jobs straight to your inbox weekly.