Principal Engineer, Confidential AI

Opaque Systems

San Francisco, CAUnknownUnknownSalary not listed

Job details

About OPAQUE
OPAQUE is the Confidential AI company. Born from UC Berkeley’s RISELab, we solve the core challenge blocking AI adoption at scale: security concerns about data leaks or compliance violations. OPAQUE provides verifiable privacy and governance for AI so organizations can safely run models, agents, and workflows on their most sensitive data. Its Confidential AI platform delivers verifiable runtime governance backed by cryptographic proof that data, models, and agent actions remain private, governed, and compliant with approved policies throughout every AI workflow. This extends traditional data governance tools with real runtime verification, enabling teams to responsibly deploy AI using their most valuable proprietary data, and move from pilot to production 4-5X faster. Customers and partners include ServiceNow, Anthropic, Encore Capital, Accenture, and leaders across high tech, financial services, insurance, and healthcare.

Learn More at Opaque.co

Read about our Values at Opaque.co/about

 

ABOUT THIS JOB

We are hiring a Principal Engineer to bring the open agent-governance stack we help lead into the heart of the platform. The open projects (the Agent Governance Toolkit, Confidential MCP, Agent Manifest, and TRACE, under agentrust-io) define how autonomous agents prove what they did. You will harden them into our two commercial layers: OPAQUE Agent Control™, the software governance layer built on AGT that controls every agent, and OPAQUE Confidential Core™, the hardware and TEE layer that proves every action. Software helps you build; hardware helps you scale; verifiable AI requires both.

This is a deeply technical, customer-facing engineering role that spans software and silicon. You will own the integration end to end, ship it as platform offerings like OPAQUE Confidential MCP™ and OPAQUE Confidential Agents™, represent OPAQUE in the standards communities defining this space, and carry the work from open-source spec to scaled, attested product.

 

What you will do

  • Own the integration of the open agent-governance stack (Confidential MCP, Agent Manifest, TRACE) into OPAQUE Agent Control and OPAQUE Confidential Core, bound to hardware attestation and TEEs (AMD SEV-SNP, Intel TDX, NVIDIA Confidential Computing).
  • Make policy enforcement and verifiable evidence run inside the TEE: a governed agent workflow that emits a single hardware-rooted, independently verifiable record.
  • Production-harden and scale the confidential agent path across multi-cloud Confidential Containers (AKS, GKE) to enterprise reliability and latency targets.
  • Ship platform offerings such as OPAQUE Confidential MCP and OPAQUE Confidential Agents on top of that foundation.
  • Work directly with customers to turn their hardest confidential-AI problems into platform capabilities.
  • Represent OPAQUE as a technical contributor in the foundations that standardize this work (Agentic AI Foundation, CoSAI): upstream contributions, spec influence, and credibility in the community.
  • Make the open-source-to-product calls: what to harden, what to keep experimental, what to upstream.

 

What we are looking for

  • 10+ years building production systems, with depth across both application software and low-level/systems work.
  • Hands-on confidential computing / TEE experience (SEV-SNP, TDX, NVIDIA CC) and fluency in attestation (RATS, EAT, measured boot, key release on attestation).
  • Strong cryptographic engineering fundamentals.
  • Fluency in Go and/or Rust; comfort in Python and the agent frameworks (LangChain, LangGraph, CrewAI, AutoGen).
  • Experience scaling distributed systems on Kubernetes, ideally multi-cloud.
  • Demonstrated customer curiosity: you start from the user’s problem and work back to the architecture.
  • A track record in open source and standards: shipped meaningful upstream work and can represent a company technically in a community.
  • Bonus: prior work in agent governance, policy engines (Cedar), SBOM/supply-chain, or verifiable credentials.
Principal Engineer, Confidential AI at Opaque Systems | Jobdaemon