Staff Software Engineer - Secure AI agents

Company DescriptionCyberArk, a Palo Alto Networks company, is the global leader in identity security, trusted by organizations around the world to secure human and machine identities in the modern enterprise. CyberArk’s AI-powered Identity Security Platform applies intelligent privilege controls to every identity with continuous threat prevention, detection and response across the identity lifecycle. With Identity Security, organizations can reduce operational and security risks by enabling zero trust and least privilege with complete visibility, empowering all users and identities, including workforce, IT, developers and machines, to securely access any resource, located anywhere, from everywhere. Learn more at cyberark.com.Copyright © 2026 CyberArk Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.Job DescriptionWe’re building foundational infrastructure to secure AI agents—including their identities, access patterns, and interactions with sensitive systems and data.This includes designing intelligent, dynamic mechanisms for ephemeral access control, secrets management, and agent and user identity tailored to themodern agent ecosystem.As a Staff Engineer, you’ll take ownership of these critical systems, designing and implementing how agents establish identity, receive dynamic access,securely interact with sensitive systems, and leave verifiable audit trails. You’ll shape the long-term architecture, anticipate technical risks, and evolvesystems that span both machine- and human-facing workflows.This is a rare opportunity to combine hands-on engineering with technical leadership—writing critical code, mentoring engineers, sharing knowledge, anddriving best practices—while building a platform from the ground up at the cutting edge of AI, identity, and security.ResponsibilitiesOwn and guide the technical direction of core platform domains, including agent identity, authentication, authorization, and secrets management,shaping architectures that span multiple services and teams while balancing scalability, reliability, and security.Lead by example through high-impact implementation, mentoring engineers, and helping them navigate complex technical tradeoffs.Proactively identify critical technical problems or gaps, and drive solutions from concept through delivery.Establish and promote engineering best practices, ensuring high standards for code quality, security, and operational excellence.Communicate complex technical concepts clearly to engineers, architects, product managers, and stakeholders, influencing decisions, fosteringalignment, and driving cross-team collaboration.Document key decisions, patterns, and practices to elevate team knowledge and ensure consistency across the platform.Advocate for continuous improvement and operational efficiency, helping the team work smarter while maintaining a secure, high-quality platform.QualificationsYou bring 8+ years of experience in backend and systems with a track record of owning large-scale or security-critical systems end-to-end.You’ve designed and operated distributed, cloud-based architectures that are secure, scalable, and reliable, and you’re comfortable working with AWS, GCP, or Azure.You have experience or a strong interest in identity, authentication, authorization, and secrets management, and you’re excited to apply these principles to AI and agent frameworks—this will give you an edge.You thrive in ambiguity, make high-impact technical decisions, and guide others through complex tradeoffs with confidence.You communicate clearly and effectively, influencing decisions, aligning teams, and mentoring engineers across multiple functions.You’re passionate about sharing knowledge, raising the technical bar, and multiplying the impact of your peers and the team.You are self-driven, proactive, and organized, with a strong focus on delivering high-quality, secure, and scalable solutions that make a real difference.Additional InformationWe are proud to foster a diverse and inclusive workplace, where every individual's unique background, perspective, and contribution is celebrated. We believe that by embracing diversity, we drive innovation and create a stronger, more united team. Inclusion is at the heart of who we are and how we succeed. All qualified applicants will receive consideration for employment without regard to race, colour, age, religion, sex, sexual orientation, gender identity, or disability. Upon conditional offer of employment, candidates are required to complete a comprehensive background check as per our internal policy.CyberArk is an equal opportunities employer. If you would like any special arrangements made for your interview, please inform the EMEA Talent Acquisition team upon your application so that we may take steps to accommodate your needs.