Cursor

Engineering Manager, Agent & Product Security

Cursor5 days ago
Location

New York

Type

Full Time

Salary

USD 250,000 – 420,000

Level

Manager

Role

Engineering Manager

Posted

Jul 14, 2026

Full TimeManager

The role

Summary

Lead Cursor's agent and product security initiative as Engineering Manager, architecting security primitives for autonomous AI agents in software development. You'll build identity, authorization, and isolation systems that enable trustworthy agent autonomy while maintaining tight coupling with product strategy. This role requires deep expertise in application security, threat modeling, and AI agent safety—combined with strong engineering leadership and cross-functional collaboration skills.

What you'll do

Define Security Primitives for Autonomous Agents: Chart the strategic path from supervised to autonomous agents by architecting and defining novel security primitives that enable safe agent autonomy. Lead technical decisions on identity systems, delegated authority models, and policy enforcement mechanisms that currently lack industry precedent, ensuring these foundational decisions align with Cursor's product vision.
Engineer Multi-Layer Isolation Architecture: Design and oversee implementation of robust isolation mechanisms including tenancy boundaries, workspace segregation, secret management, and data protection schemes. Build systems resilient against real-world adversarial threats targeting valuable customer codebases, with emphasis on defense-in-depth and zero-trust architecture principles.
Build Agent Authority Infrastructure: Architect identity, authentication, and authorization systems enabling agents to hold verifiable responsibility within defined boundaries. Implement scoped permissions, policy enforcement engines, and secure tool execution frameworks that provide full accountability while preserving agent autonomy and operational efficiency.
Develop Security Controls for Product-Market Fit: Create intuitive, production-grade customer-facing security controls that enable security-conscious organizations to confidently adopt agent autonomy. Design measurement frameworks and success metrics for security outcomes, ensuring controls are both user-friendly and cryptographically sound for enterprise adoption.
Lead and Scale Security Engineering Team: Build, mentor, and develop a high-performing security engineering team with a flatter organizational structure. Remain technically engaged through code review and implementation contributions, maintain rapid execution velocity, and establish a culture of shipping reliable, testable security infrastructure while fostering technical growth and cross-functional collaboration.
Drive Cross-Functional Alignment on Security Strategy: Collaborate closely with product, infrastructure, ML, and customer success teams to align security decisions with product roadmap and customer needs. Translate security requirements into product capability enablers, negotiating technical tradeoffs and ensuring security architecture decisions directly influence and unblock product releases.

What we look for

Technical

Application Security & Threat ModelingAdvanced expertise in modern application security architecture, including threat modeling frameworks, attack surface analysis, and risk assessment methodologies. Demonstrated ability to design systems resilient against sophisticated attack vectors in production environments.
Identity & Authorization SystemsDeep technical knowledge of identity management, authentication protocols (OAuth, SAML, mTLS), authorization frameworks (RBAC, ABAC), and policy enforcement engines. Experience building zero-trust architectures and implementing principle-of-least-privilege enforcement.
Data Isolation & TenancyHands-on experience designing and implementing multi-tenant systems with strong isolation guarantees, including logical and physical data segregation, secret management systems, and cryptographic isolation techniques for protecting sensitive customer data.
AI Agent SecurityPractical understanding of AI agent architectures, tool usage patterns, and emerging security risks including prompt injection, jailbreaking, unauthorized data exfiltration, and privilege escalation in agentic systems. Experience designing mitigations that remain effective against novel attack approaches.
Secure System DesignExpertise in building secure-by-default platform architecture, including secure tool execution environments, input validation, output sanitization, and secure software supply chain principles. Understanding of the relationship between security and performance tradeoffs.
Infrastructure & Platform SecuritySolid understanding of infrastructure security, containerization, secrets management, audit logging, and operational security practices. Experience with infrastructure-as-code and continuous deployment systems with strong security posture requirements.

Education

Bachelor's Degree in Computer Science or Related FieldFormal education in computer science, engineering, or equivalent field with strong foundation in systems design, algorithms, and computer security principles. Equivalent professional experience can substitute for formal degree requirement.

Experience

Production Security Engineering Leadership5-10 years leading engineering teams that shipped production systems with high security, reliability, or platform stakes. Demonstrated track record scaling teams, mentoring engineers, and maintaining technical excellence while managing organizational complexity.
Shipping Under Ambiguity & Novel ConstraintsExperience setting technical strategy in greenfield or low-precedent problem domains, making architectural decisions with incomplete information, committing to directions, and pivoting based on implementation reality. Comfort with strategic decision-making where industry standards don't yet exist.
Security-Centric Product DevelopmentTrack record shipping security-sensitive products or features where security requirements directly influenced product capability and go-to-market strategy. Experience seeing security as a product enabler rather than a constraint, with understanding of how security choices drive adoption and competitive advantage.
Cross-Functional Technical PartnershipDemonstrated ability partnering effectively across product, infrastructure, ML/AI, and customer-facing teams. Experience translating between security requirements, product strategy, and technical constraints while building consensus across competing priorities.
Hands-On Technical ContributionOngoing practice writing and reviewing code while managing; comfort staying technically grounded in implementation details of your team's systems. Experience maintaining technical credibility and unblocking teams through direct technical problem-solving.

Skills

Required skills

Security Architecture DesignExpert-level ability to design comprehensive security architectures that balance protection, usability, and performance. Capable of identifying attack surfaces, designing defense-in-depth strategies, and making principled tradeoff decisions.
Threat Modeling & Risk AssessmentProficiency in structured threat modeling methodologies (STRIDE, PASTA) and risk quantification. Ability to think like an attacker, anticipate novel threat vectors, and prioritize security investments based on impact and likelihood.
Team Leadership & MentoringStrong people leadership skills including hiring talented engineers, providing constructive technical feedback, fostering psychological safety, and creating opportunities for growth. Ability to scale team while maintaining technical culture and rapid execution.
Systems Thinking & Architectural JudgmentDemonstrated ability reasoning from user workflows to system architecture, identifying critical components, modeling data flow, and understanding emergent properties and failure modes. Strong judgment about what matters and where to invest engineering effort.
Secure Coding & Code ReviewHands-on proficiency implementing secure code patterns, performing security-focused code reviews, and building secure software development practices. Understanding of common vulnerabilities and secure implementation techniques across modern programming languages.
Strategic CommunicationAbility to articulate complex security concepts to non-technical audiences, write clear technical specifications, and communicate architectural decisions to engineering and product teams. Skill translating security requirements into actionable engineering constraints.

Nice to have

API Security & Secure Service DesignExperience designing and securing service-oriented architectures, implementing secure APIs, managing API authentication and rate-limiting, and preventing common API vulnerabilities like injection attacks and broken object-level authorization.
Secrets Management & Credential HandlingHands-on experience implementing secrets management systems, key rotation policies, credential injection patterns, and preventing secrets from leaking in logs, error messages, or source control. Familiarity with tools like Vault or cloud secrets managers.
Audit Logging & Security ObservabilityExperience designing comprehensive audit logging systems, security monitoring, detection engineering, and incident response infrastructure. Understanding of how to make security events visible and actionable for operations teams.
Supply Chain SecurityFamiliarity with secure software supply chain practices, dependency management security, SBOM generation, vulnerability scanning, and preventing attacks targeting build and deployment pipelines.
Cryptography ApplicationPractical understanding of cryptographic principles and their application to real systems. Experience selecting and implementing appropriate cryptographic algorithms, managing keys securely, and understanding limitations of cryptographic solutions.
LLM & AI Agent SecurityExperience working with large language models, prompt engineering, or AI agent systems with focus on security implications. Understanding of emerging AI-specific security threats, mitigations, and the intersection of AI capabilities with access control.

Compensation & benefits

Salary

USD 250,000 – 420,000 (annual)

Stock options

Available

Benefits

Competitive Equity Package

Meaningful equity stake as early manager-track team member at high-growth AI developer tools company, aligning personal success with company value creation.

Comprehensive Health Coverage

Medical, dental, and vision insurance with company contributions for you and eligible dependents, ensuring holistic healthcare coverage.

Flexible Work Arrangements

Work-from-home flexibility with access to San Francisco office, supporting work-life integration that works for your situation.

Professional Development Budget

Annual budget for conferences, courses, certifications, and learning resources to stay current with rapidly evolving security landscape.

Generous Time Off Policy

Unlimited or generous vacation policy supporting rest and renewal, with company culture that encourages taking time off.

401(k) Retirement Plan

Company-sponsored retirement savings plan with matching contributions, supporting long-term financial planning.

Flat Organizational Structure

Minimal bureaucracy with direct influence on company decisions and product direction; rapid decision-making and broad impact for your work.

Talent-Dense Team Environment

Work alongside exceptionally talented engineers and product leaders with passion for solving hard problems, creating stimulating work environment and fast learning opportunities.


Apply for this position

You'll be redirected to the company's application page


Cursor

Cursor

View all jobs

Built to make you extraordinarily productive, Cursor is the best way to build software with AI.

San Francisco, California, United StatesFounded 2021cursor.com

Tech Stack

Languages
TypeScript/JavaScriptPythonRust
Frameworks
OAuth 2.0 / OpenID ConnectZero-Trust ArchitectureRBAC / ABAC Frameworks
Databases
PostgreSQLRedis
Tools
Secret Management (HashiCorp Vault / AWS Secrets Manager)Threat Modeling Tools (STRIDE / PASTA)Container & Isolation Technology (Docker / Kubernetes / gVisor)Security Scanning & SAST ToolsAudit & Compliance Tooling
Other
AI Agent Architecture & Tool UseSecure Software Development Lifecycle (SDLC)Adversarial Thinking & Red TeamingCloud Platform Security (AWS / GCP / Azure)
Apply Now