# Engineering Manager, Agent & Product Security

**Company:** [Cursor](https://hotfix.jobs/companies/cursor)
**Location:** New York, NY, San Francisco, CA
**Role:** Security Engineering
**Experience:** 5+ years
**Skills:** Application Security, Authorization, Identity Management, Secrets Management, Data Isolation, Policy Enforcement, Threat Modeling, Prompt Injection Mitigation, Ai Agent Security, Secure Tool Execution
**Posted:** 2026-07-14

> Lead the security engineering team building primitives for agent identity, authority, isolation, and policy enforcement to enable safe autonomous AI coding agents at Cursor. Requires strong product-systems judgment, modern appsec expertise, and comfort with ambiguity in a high-stakes environment.

## Job Description

## Responsibilities
- Chart the path from supervised agents to trusted autonomous ones: define the security primitives that enable agent autonomy, and lead the team that builds them.
- Engineer the isolation that makes Cursor safe to run inside customers’ most valuable codebases: tenancy, workspace, secret, and data protections designed for real adversaries.
- Build the authority infrastructure autonomous agents need: identity, scoped permissions, policy enforcement, and secure tool execution, so an agent can hold real responsibility with verifiable limits and full accountability.
- Build customer-facing security controls that are understandable, usable, and strong enough for Cursor’s most security-sensitive customers, with crisp success metrics for security outcomes.
- Hire, coach, and grow a high-performing security engineering team while staying technically close to the work: write and review code where useful, and keep execution fast and technically grounded.

## Requirements
- Led engineering teams shipping production systems with high security, reliability, or platform stakes.
- Strong product and systems judgment: reason from user workflows to architecture, threat models, enforcement points, and operational tradeoffs.
- See security as something that enables product capability, not only restricts it.
- Understand modern application security, authorization, tenancy, identity, secrets, data isolation, and secure-by-default platform design.
- Good instincts about AI agents: how they use tools, where authority should come from, how prompt injection and exfiltration show up in practice, and how to build mitigations that hold up against creative adversaries.
- Comfortable operating in ambiguity: set strategy where precedent is thin, commit to a direction, and stay close enough to the implementation to know when to change it.
- Partner well across product, infrastructure, ML, and customer-facing teams.

## Nice-to-Haves
- Experience in a small, talent-dense, flat organization.
- Passion for truth-seeking, creative problem-solving in AI and security.

## Similar roles

- [Insider Threat Engineer](https://hotfix.jobs/jobs/bc8b5e01-3df2-4688-8776-c6cef3290d6c) - Cloudflare
- [Cloud Infrastructure Security Engineer](https://hotfix.jobs/jobs/c1242456-9dcd-4b44-b9cb-d19a59d3edac) - Runpod - Remote - $152k – $175k/yr
- [Full Stack Security Engineer](https://hotfix.jobs/jobs/8663cf4e-df75-4318-9410-189edd5593cc) - Runpod - Remote - $152k – $175k/yr
- [Security Program Manager](https://hotfix.jobs/jobs/e7f7fcaf-1979-4194-9131-83689809fe47) - Forus - New York, NY
- [Safeguards Enforcement Analyst, Account Takeover & Credential Abuse](https://hotfix.jobs/jobs/31f5d0ec-9b31-4419-a4b1-2e826ec7a358) - Anthropic - San Francisco, CA - $245k – $285k/yr

**Apply:** https://hotfix.jobs/jobs/a65139d7-9502-4319-9abd-28bc7fa9e6b2
**Canonical:** https://hotfix.jobs/jobs/a65139d7-9502-4319-9abd-28bc7fa9e6b2