SEE ALL VACANCIES

Security / Policy Engineer (with Cedar)

Vacancy details
Information Security
Security Engineer
Senior
Bulgaria, Canada, Croatia, Cyprus, Egypt, India, Japan, Malta, Poland, Portugal, Saudi Arabia, Spain, Ukraine
Remote
APPLY NOW
REFER A FRIEND

We are looking for a Security / Policy Engineer to design and implement authorization models for AI agents and cloud-native platforms. The role focuses on AWS AgentCore Policy (Cedar), policy-as-code, OAuth/JWT-based authorization, and zero-trust security architecture. The ideal candidate has hands-on experience with cloud security, identity engineering, ABAC design, and enterprise-grade access control systems.

What project we have for you

Our customer is a multinational corporation with more than a century of history and offices in over 180 countries. Their most ambitious goal at the time is to introduce a range of Reduced-Risk Products (RRPs). The target audience is more than 1 billion consumers around the globe. IT platform hosts 700+ applications.
Intellia’s mission is to help the client with the engineering of a comprehensive software ecosystem for a game-changing IoT product on the margin of innovative consumer experience and cutting-edge technology. Our teams are involved in the engineering of core platform components for best-in-class eCommerce, Digital Marketing and IoT solutions. As an Engineer, you will become a part of Core Architecture Team and be responsible for the architecture, implementation of best practices in our Digital Engineering Enterprise Platform.
The Platform is a set of services and internet applications that accelerate the development and delivery of software applications by taking care of common SDLC challenges. The Platform provides access and consumption for engineering teams to a set of services, technologies, practices for their development and for operating their application, ensuring a set of compliance and best practices.

What you will do

  • Design and implement authorization policies using Cedar and AWS AgentCore Policy.
  • Develop and maintain policy-as-code frameworks for cloud-native and AI-agent platforms.
  • Build and govern Attribute-Based Access Control (ABAC) models following least-privilege and default-deny principles.
  • Integrate authorization systems with OAuth 2.0, JWT, and Microsoft Entra ID.
  • Define and maintain principals, resources, actions, and conditional access policies.
  • Design token validation, claims mapping, and authorization decision workflows.
  • Implement audit logging and traceability for policy evaluation and access decisions.
  • Partner with security, architecture, and platform teams to support enterprise security reviews and governance processes.
  • Contribute to zero-trust security architecture and authorization strategy across distributed systems.
  • Evaluate and adopt emerging AWS authorization technologies, including Cedar and AWS Verified Permissions.

What you need for this

• AWS AgentCore Policy (Cedar)
• Cedar policy language (principals, actions, resources, conditions)
• OAuth 2.0 / JWT / MS Entra integration
• Policy-as-code patterns
• Default-deny authorization models
• Audit logging for policy decisions

Experience:

• 5+ years cloud security or identity engineering
• Attribute-based access control (ABAC) design
• OAuth 2.0 / JWT token inspection and claims mapping
• Enterprise security review (InfoSec, ARB processes)
 
Will be a plus:

• AWS Cedar (open source) prior exposure
• AWS Verified Permissions or AgentCore Policy early experience
• Zero-trust architecture design

What it’s like to work at Intellias

At Intellias, where technology takes center stage, people always come before processes. By creating a comfortable atmosphere in our team, we empower individuals to unlock their true potential and achieve extraordinary results. That’s why we offer a range of benefits that support your well-being and charge your professional growth.
We are committed to fostering equity, diversity, and inclusion as an equal opportunity employer. All applicants will be considered for employment without discrimination based on race, color, religion, age, gender, nationality, disability, sexual orientation, gender identity or expression, veteran status, or any other characteristic protected by applicable law.
We welcome and celebrate the uniqueness of every individual. Join Intellias for a career where your perspectives and contributions are vital to our shared success.

Have not found the most
suitable position yet?
Leave your resume and we will select a cool option for you.
Find me a job
Good news!
Link copied
Good news!
You did it.
Bad news!
Something went wrong. Please try again.