Senior Principal Software Engineer

CyberArk is seeking a highly experienced Senior Principal Software Engineer to join our R&D team in Hyderabad, India. This role is focused on designing, implementing, and maintaining cutting-edge Identity & Access Management (IAM) solutions, particularly within public and private cloud environments.

As a Senior Principal Software Engineer, you will be instrumental in defining and enforcing guidelines for critical open identity standards such as OAuth 2.0, OpenID Connect, SAML 2.0, and Single Sign-On (SSO). You will continuously evaluate and enhance our cloud security posture, lead data-driven security analytics, and champion proactive security measures like threat hunting and threat modeling. A key responsibility will be architecting and advocating for secure identity solutions for autonomous AI agents, including the implementation of robust guardrails against prompt injection and data leakage.

The ideal candidate will possess a deep understanding of Identity & Access Management and Information Security, with at least 6 years of experience in this domain. You should have 8+ years of hands-on experience securing enterprise applications in cloud technologies. Expertise in IAM protocols (OAuth 2.0, OpenID Connect, SAML 2.0) and various access control mechanisms (SSO, RBAC, ABAC, MFA, RBA) is essential. Strong knowledge of Threat, Vulnerability, & Risk management, along with infrastructure security fundamentals (WAFs, proxies, load balancers, network protocols), is required. Development experience with Microservices and scripting languages like Python and PowerShell is a must. Familiarity with Site Reliability Engineering (SRE) principles, DDoS mitigation, and key security standards such as SANS Top 20 and OWASP Top 10 is expected. Excellent communication, leadership, problem-solving, and analytical skills are paramount for success in this role.

Preferred qualifications include hands-on experience with major IAM products (e.g., SailPoint, Okta, Azure AD), working knowledge of advanced identity protocols (SCIM2, FIDO2), and containerization technologies like Kubernetes. Experience with AI/ML, Generative AI (GenAI), and leveraging AI for Security Analytics is highly desirable. Familiarity with authorization models such as Role-Based Access Control (ReBAC) and security considerations for autonomous AI agents and Retrieval Augmented Generation (RAG) architectures is a plus. AWS Certifications and experience implementing technology specifications/RFCs are also advantageous.

Nice to have skills include knowledge of security, privacy, and compliance standards such as FISMA, HIPAA, and GDPR.