SEE ALL VACANCIES

Policy Engineer (Cedar Implementation)

Vacancy details
Information Security
Security Engineer
Strong Middle
Bulgaria, Canada, Croatia, Cyprus, Egypt, Germany, India, Japan, Malta, Poland, Portugal, Saudi Arabia, Spain, Ukraine, United Arab Emirates, United Kingdom, United States
Remote
APPLY NOW
REFER A FRIEND

We are looking for a Policy Engineer to design, implement, and validate fine-grained authorization policies for AI agent platforms and cloud-native services. The role focuses on Cedar policy development, identity provider integrations, policy enforcement, and attribute-based access control. The ideal candidate combines hands-on security engineering experience with strong Python skills and a deep understanding of modern authorization architectures.

What project we have for you

Our customer is a multinational corporation with more than a century of history and offices in over 180 countries. Their most ambitious goal at the time is to introduce a range of Reduced-Risk Products (RRPs). The target audience is more than 1 billion consumers around the globe. IT platform hosts 700+ applications.
Intellia’s mission is to help the client with the engineering of a comprehensive software ecosystem for a game-changing IoT product on the margin of innovative consumer experience and cutting-edge technology. Our teams are involved in the engineering of core platform components for best-in-class eCommerce, Digital Marketing and IoT solutions. As an Engineer, you will become a part of Core Architecture Team and be responsible for the architecture, implementation of best practices in our Digital Engineering Enterprise Platform.
The Platform is a set of services and internet applications that accelerate the development and delivery of software applications by taking care of common SDLC challenges. The Platform provides access and consumption for engineering teams to a set of services, technologies, practices for their development and for operating their application, ensuring a set of compliance and best practices.

What you will do

  • Design, implement, and maintain authorization policies using Cedar policy language.
  • Develop and test policy definitions, validation workflows, and policy enforcement mechanisms.
  • Configure and manage AWS AgentCore Policy in LOG_ONLY and ENFORCE modes.
  • Build Python-based tooling for policy validation, testing, and governance.
  • Integrate authorization frameworks with Microsoft Entra ID and other identity providers.
  • Design claims mapping and token-based authorization flows using OAuth 2.0 and JWT.
  • Implement fine-grained and parameter-level access control models.
  • Develop and maintain ABAC and RBAC authorization patterns for platform services and AI agents.
  • Partner with platform and security teams to ensure secure access governance across distributed systems.
  • Create auditability and traceability mechanisms for authorization decisions.
  • Support adoption of policy-as-code practices and authorization best practices.

What you need for this

Cedar policy language — authoring and testing
• AWS AgentCore Policy LOG_ONLY / ENFORCE modes
• Python (policy validation tooling)
• MS Entra claims mapping
• Parameter-level access control patterns

Experience:

3+ years security engineering or backend engineering
• Identity provider integration (Entra, Okta, Cognito)
• Policy definition in any ABAC or RBAC system
• Open Policy Agent (OPA) or Cedar hands-on

Will be a plus:

LangGraph tool invocation patterns
• AWS AgentCore Gateway integration

What it’s like to work at Intellias

At Intellias, where technology takes center stage, people always come before processes. By creating a comfortable atmosphere in our team, we empower individuals to unlock their true potential and achieve extraordinary results. That’s why we offer a range of benefits that support your well-being and charge your professional growth.
We are committed to fostering equity, diversity, and inclusion as an equal opportunity employer. All applicants will be considered for employment without discrimination based on race, color, religion, age, gender, nationality, disability, sexual orientation, gender identity or expression, veteran status, or any other characteristic protected by applicable law.
We welcome and celebrate the uniqueness of every individual. Join Intellias for a career where your perspectives and contributions are vital to our shared success.

Have not found the most
suitable position yet?
Leave your resume and we will select a cool option for you.
Find me a job
Good news!
Link copied
Good news!
You did it.
Bad news!
Something went wrong. Please try again.