About this role
Staff Software Engineer (Information Security) to design, build, and scale Non-Human Identity and agentic AI identity platform capabilities. The role leads secure patterns for continuous authentication, adaptive authorization, and identity governance at global scale.
Key Responsibilities
- Lead the design and implementation of NHI platform services supporting agent identity, authentication, and authorization
- Deliver secure patterns for delegated authority, least privilege, and adaptive authorization for agentic workflows
- Implement continuous authentication and risk-based access control to evaluate trust at runtime
- Build automation for agent identity lifecycle, credential issuance/rotation, and governance controls
- Define and implement observability, auditing, and compliance controls for agent actions (telemetry, attribution, lineage)
Technical Overview
Focuses on NHI platform services including identity control plane, governance controls, runtime trust evaluation, risk-based access control, and adaptive authorization using policy-as-code. Requires building distributed, cloud-native identity systems with workload identity and strong API security, plus observability/auditing/compliance for agent actions.
Ideal Candidate
The ideal candidate is a Staff-level software engineer with 8+ years building and operating enterprise-scale systems, including 3+ years in identity, authentication, and authorization. They have hands-on experience with Non-Human Identity (NHI) and agentic AI identity patterns such as continuous authentication, runtime trust evaluation, adaptive authorization, policy-as-code, and risk-based access control.
Must-Have Skills
- 8+ years of software engineering experience building and operating enterprise-scale systems
- 3+ years of experience in identity, authentication, and authorization at enterprise scale
- Strong understanding of agentic AI architectures and NHI lifecycle management (provisioning, attestation, rotation, decommissioning)
- Experience designing and implementing continuous authentication and runtime trust evaluation patterns
- Hands-on experience with adaptive authorization, policy-as-code, and modern authorization systems
- Strong knowledge of cloud-native identity, workload identity, service-to-service auth, and API security
- Experience building and operating distributed services with high reliability and strong security posture
Nice-to-Have Skills
- Experience with Azure, AWS, or GCP identity platforms and their workload identity primitives
- Experience with Kubernetes workload identity, service mesh, or distributed policy enforcement
- Experience building security-critical platforms in regulated industries (e.g., finance, healthcare, retail)
Tools & Platforms
Python, PowerShell, Azure, Amazon Web Services, AWS, Google Cloud Platform, GCP, Kubernetes, service mesh
Required Skills
software engineering, enterprise-scale systems, identity, authentication, authorization, Non-Human Identity (NHI), agentic AI architectures, NHI lifecycle management (provisioning, attestation, rotation, decommissioning), continuous authentication, runtime trust evaluation patterns, adaptive authorization, policy-as-code, modern authorization systems, cloud-native identity, workload identity, service-to-service auth, API security, distributed services, high reliability, secure architecture, security posture, Python, PowerShell, infrastructure/CI security fundamentals, system design, technical leadership, cross-team communication, delegated authority, least privilege, risk-based access control, observability, auditing, compliance controls, telemetry, attribution, lineage, secure coding, threat modeling, design reviews, operational readiness, identity governance, credential issuance/rotation
Hard Skills
software engineering, enterprise-scale systems, identity, authentication, authorization, Non-Human Identity (NHI), agentic AI architectures, NHI lifecycle management (provisioning, attestation, rotation, decommissioning), continuous authentication, runtime trust evaluation patterns, adaptive authorization, policy-as-code, modern authorization systems, cloud-native identity, workload identity, service-to-service auth, API security, distributed services, high reliability, secure architecture, security posture, automation (Python), automation (PowerShell), infrastructure/CI security fundamentals, system design, technical leadership, cross-team communication, delegated authority, least privilege, risk-based access control, observability, auditing, compliance controls, telemetry, attribution, lineage, secure coding, threat modeling, design reviews, operational readiness, identity governance, credential issuance/rotation
Soft Skills
technical leadership, cross-team communication, mentoring engineers, technical planning, influencing standards across teams, cross-functional collaboration, design reviews collaboration
Keywords for Your Resume
Staff, Software Engineer, Information Security, Non-Human Identity / Agentic Identity, Staff Software Engineer, Non-Human Identity, Non-Human Identity (NHI), agentic AI architectures, NHI lifecycle management (provisioning, attestation, rotation, decommissioning), continuous authentication, runtime trust evaluation, adaptive authorization, policy-as-code, cloud-native identity, workload identity, service-to-service auth, API security, risk-based access control, delegated authority, least privilege, observability, auditing, compliance controls, telemetry, threat modeling, design reviews, operational readiness, Python, PowerShell, Kubernetes, service mesh, Azure, AWS, Amazon Web Services, GCP, Google Cloud Platform
Deal Breakers
- 3+ years of experience in identity, authentication, and authorization at enterprise scale
- Experience designing and implementing continuous authentication and runtime trust evaluation patterns
- Hands-on experience with adaptive authorization, policy-as-code, and modern authorization systems