DigiCert is looking for a Backend Engineer to build the core security infrastructure that defines how AI agents are identified and controlled. You will create a ‘Zero Trust’ architecture for AI, instrumental in setting technical culture, selecting the stack, and scaling a platform that will secure the next generation of enterprise AI.

What You'll Do

Architect and build the Identity Foundation: Design and own a cryptographically secure identity system that serves as the ‘source of truth’ for all AI workloads.
Build Runtime Enforcement: Develop high-performance systems to control agentic interactions in real-time, ensuring agents operate strictly within authorized boundaries without latency.
Define Governance Logic: Create engines that translate complex human policies into machine-executable rules for agent access to tools, databases, and LLMs.
Design for Resilience and Scale: Build ‘secure-by-default’ infrastructure that can handle thousands of concurrent autonomous agents across multi-cloud environments.
Shape the Technical Culture: Select the core stack, define engineering standards, and help build the team.

What We're Looking For

Systems Mastery: Deep experience building mission-critical distributed systems from the ground up, with mastery of systems-level languages like Go or Rust.
Identity & Security Infrastructure: Hands-on experience with SPIFFE/SPIRE, PKI, mTLS, certificate lifecycle management, OIDC, and OAuth2 at a protocol level.
Cloud-Native Networking: Expert-level knowledge of Kubernetes (K8s), Envoy Proxy, Service Meshes (Istio/Linkerd), and Open Policy Agent (OPA).
Cloud & DevOps: Experience deploying and securing production workloads on AWS, GCP, or Azure, with comfort using Infrastructure as Code (Terraform).
Comfort building CI/CD pipelines and observability stacks (Prometheus/Grafana) from scratch with a ‘bias for shipping’.

Nice to Have

AI Experience: Prior experience or strong interest in working with AI Agents (LangGraph, CrewAI, AutoGen), LLM APIs (OpenAI, Anthropic), and the Model Context Protocol (MCP).

Technical Stack

Go, Rust, SPIFFE/SPIRE, PKI, mTLS, OIDC, OAuth2, Kubernetes, Envoy Proxy, Istio, Linkerd, Open Policy Agent (OPA), AWS, GCP, Azure, Terraform, CI/CD, Prometheus, Grafana, LangGraph, CrewAI, AutoGen, OpenAI API, Anthropic API, Model Context Protocol (MCP)