RSA - Principal Windows Agent Developer

Location: Remote US (U.S. Citizen Required)

RSA provides trusted identity and access management for 12,000 organizations around the world, managing 25 million enterprise identities and providing secure, convenient access to millions of users. RSA specializes in empowering security-first organizations in financial services, healthcare, energy, technology services, and other industries to thrive in a digital world, delivering complete capabilities for modern authentication, access, lifecycle management, and identity governance. Whether in the cloud or on-premises, RSA connects people with the digital resources they depend on everywhere they live, work, and play.

For decades, RSA has pioneered many of the encryption, authentication, and identity federation technologies that still power the internet. And now RSA is transforming the industry yet again, paving the way for the future of digital identity through the RSA Unified Identity Platform; next-generation hybrid and cloud solutions; the first ever and only multi-functional, passwordless hardware authenticator; and a frictionless, mobile-optimized experience for the modern workforce. If you are self-motivated and looking for a fast-paced challenge doing something that truly matters, come join our winning team!  For more information, go to rsa.com.

Principal Responsibilities:

• Architect and develop the Windows agent that interacts with cloud identity services and local system components.
• Implement and optimize FIDO2, hybrid passkey, and certificate-based authentication flows within Windows with strong emphasis on password-less authentication.
• Design and maintain background services, credential providers, and system-level components that enable secure user sign-in experiences.
• Ensure compliance with enterprise-grade security and Windows platform requirements for credential management, cryptographic key handling, and secure storage.
• Collaborate with cross-platform teams to align authentication logic across Windows, macOS, iOS, and Android.
• Troubleshoot complex issues related to Windows internals, network stack, and integration with domain or Entra ID environments.
• Drive code quality and architectural excellence through reviews, design discussions, and hands-on mentorship.
• Stay current with Windows OS and .NET evolution, identity standards, and cryptographic technologies to inform product roadmap.

Required Qualifications:

• Bachelor’s or Master’s degree in Computer Science, Computer Engineering, or related field.
• 10+ years of software development experience, including 5+ years in Windows systems programming.
• Expert knowledge of C#, C/C++, .NET, Windows APIs, and Win32 system programming.
• Proven experience developing Windows services, Credential Providers, or authentication agents.
• Deep understanding of Windows security model, including key storage, DPAPI, TPM, and certificate management.
• Familiarity with FIDO2/WebAuthn, PKI, Kerberos, and Windows Hello frameworks.
• Strong debugging skills using Visual Studio, WinDbg, ETW, and other diagnostic tools.
• Experience with secure communication protocols (TLS, JWT, mutual authentication, certificate pinning).
• Excellent problem-solving, collaboration, and communication skills.
• US Citizenship required.

Preferred Qualifications:

• Experience implementing FIDO, passkey, or hybrid authentication flows on Windows.
• Familiarity with Active Directory, Entra ID, and modern identity protocols (OAuth 2.0, OIDC, SAML).
• Experience building cross-platform authentication clients or SDKs.
• Understanding of USB, NFC, BLE, or hardware security key integration on Windows.

RSA is committed to the principle of equal employment opportunity for all employees and applicants for employment and to providing employees with a work environment free of discrimination and harassment. All employment decisions at RSA are based on business needs, job requirements and individual qualifications, without regard to race, color, religion, national origin, sex (including pregnancy), age, disability, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, protected veteran status, genetic information, or any other characteristic protected by federal, state or local laws. RSA will not tolerate discrimination or harassment based on any of these characteristics. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. All RSA employees are expected to support this policy and contribute to an environment of equal opportunity.

If you need a reasonable accommodation during the application process, please contact rsa.global.talent.acquisition@rsa.com. All employees must be legally authorized to work in the US. RSA and its approved consultants will never ask you for a fee to process or consider your application for a career with RSA. RSA reserves the right to amend or withdraw any job posting at any time, including prior to the advertised closing date.