RSA Security

Compensation

Full Description

Principal Responsibilities: Architect and develop the Windows agent that interacts with cloud identity services and local system components. Implement and optimize FIDO2, hybrid passkey, and certificate-based authentication flows within Windows with strong emphasis on password-less authentication. Design and maintain background services, credential providers, and system-level components that enable secure user sign-in experiences. Ensure compliance with enterprise-grade security and Windows platform requirements for credential management, cryptographic key handling, and secure storage. Collaborate with cross-platform teams to align authentication logic across Windows, macOS, iOS, and Android. Troubleshoot complex issues related to Windows internals, network stack, and integration with domain or Entra ID environments. Drive code quality and architectural excellence through reviews, design discussions, and hands-on mentorship. Stay current with Windows OS and .NET evolution, identity standards, and cryptographic technologies to inform product roadmap. Required Qualifications: Bachelor’s or Master’s degree in Computer Science, Computer Engineering, or related field. 10+ years of software development experience, including 5+ years in Windows systems programming. Expert knowledge of C#, C/C++, .NET, Windows APIs, and Win32 system programming. Proven experience developing Windows services, Credential Providers, or authentication agents. Deep understanding of Windows security model, including key storage, DPAPI, TPM, and certificate management. Familiarity with FIDO2/WebAuthn, PKI, Kerberos, and Windows Hello frameworks. Strong debugging skills using Visual Studio, WinDbg, ETW, and other diagnostic tools. Experience with secure communication protocols (TLS, JWT, mutual authentication, certificate pinning). Excellent problem-solving, collaboration, and communication skills. US Citizenship required. Preferred Qualifications: Experience implementing FIDO, passkey, or hybrid authentication flows on Windows. Familiarity with Active Directory, Entra ID, and modern identity protocols (OAuth 2.0, OIDC, SAML). Experience building cross-platform authentication clients or SDKs. Understanding of USB, NFC, BLE, or hardware security key integration on Windows. RSA is committed to the principle of equal employment opportunity for all employees and applicants for employment and to providing employees with a work environment free of discrimination and harassment. All employment decisions at RSA are based on business needs, job requirements and individual qualifications, without regard to race, color, religion, national origin, sex (including pregnancy), age, disability, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, protected veteran status, genetic information, or any other characteristic protected by federal, state or local laws. RSA will not tolerate discrimination or harassment based on any of these characteristics. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. All RSA employees are expected to support this policy and contribute to an environment of equal opportunity. If you need a reasonable accommodation during the application process, please contact rsa.global.talent.acquisition@rsa.com. All employees must be legally authorized to work in the US. RSA and its approved consultants will never ask you for a fee to process or consider your application for a career with RSA. RSA reserves the right to amend or withdraw any job posting at any time, including prior to the advertised closing date.