Software Engineer, Enterprise Platform
4mo ago
USASenioriamrbacscimapisinfrastructuresecurity
Build and evolve enterprise platform systems focusing on organization management, access control, compliance, and administrative tooling for large engineering organizations.
Responsibilities
- We're hiring an Enterprise Platform Engineer to build the foundational systems that make Cursor ready for the world's largest engineering organizations.
- Today we have basic organizations, simple IAM primitives, early audit logs, analytics APIs, and admin APIs — but enterprise customers need much more. You will design and build the platform layer that powers organization management, access control, compliance, and administrative tooling across Cursor's product surface. This is a deeply technical IC role focused on building correct, secure, and scalable enterprise infrastructure — not gluing together vendor SDKs.
Other
- Our mission is to automate coding. The first step in our journey is to build the best tool for professional programmers, using a combination of inventive research, design, and engineering. Our organization is very flat, and our team is small and talent dense. We particularly like people who are truth-seeking, passionate, and creative. We enjoy spirited debate, crazy ideas, and shipping code.
- Build and evolve our organization management system — multi-level org structures, groups, roles, lifecycle, and provisioning via SCIM, so admins can manage thousands of seats without friction.
- Design and implement RBAC with fine-grained roles, permissions, and resource scopes that cover organizations, teams, agents, and other resources — balancing security with developer ergonomics.
- Extend enterprise settings and policies — org-wide defaults, security policies (allowed models, MCPs, Tools, network restrictions), and configuration inheritance across different products.
- Deepen our audit logging infrastructure — comprehensive, queryable, tamper-evident audit trails that satisfy customer-specific compliance requirements.
- Build admin APIs and internal tooling that enterprise admins, customer success, and sales engineering depend on to manage organizations, investigate access issues, and onboard large accounts.
- Ship compliance features end-to-end — SSO enforcement, session management, allowlisting, data analytics, and the controls that procurement and security teams require before signing.
- Partner with product, security, and infrastructure teams to define enterprise platform abstractions that scale across the product without slowing down feature development.
- You will own organization management, RBAC and authorization, enterprise settings and policies, audit logs, admin APIs, and compliance-related platform features. You will be a technical authority on how Cursor models identity, access, and governance for enterprise customers.
- You will not own SSO/IdP integration at the protocol level (we use WorkOS) or billing and payments.
- Security and correctness are part of the job , but the goal is to build systems with enough rigor and observability that enterprise operations are boring — not to manually triage every access control edge case.
- You've built multi-tenant organization or IAM systems in production and have opinions on permission models, role inheritance, and policy evaluation.
- You've shipped RBAC or ABAC systems and understand the tradeoffs between flexibility and complexity.
- You deeply about correctness in authorization and understand why "fail closed" matters.
- You can hold the tension between "ship enterprise features fast" and "do not create security gaps or break existing access patterns."
- You feel comfortable shipping features end-to-end — from database schema and API design to admin UI and documentation.
- #LI-DNI