Senior AI Software Engineer, Internal Enablement

About the Role:

We are hiring a Senior AI Software Engineer to change the way we work with AI across the whole company.

Extend thinks AI has reached a level of usefulness and sophistication that we are preparing to build coding tools for all the non-engineering roles in the company. We want you to be part of the team that provides the engineering rigor to make this platform reliable, secure, and easy to use. Over the next six months we are standing up MCP connectors to the systems we run on, a shared library of agent skills every team composes from, and the infrastructure that turns a one-off prototype into durable tooling. You will build that platform — and the security model it ships with. Credentials vended to agents, code generated by LLMs and executed locally, connectors bridging internal systems to third-party applications and systems: every connector and skill you ship has to be secure by default, because there is no security escort coming behind you.

What You'll Do:

• Design and ship secure MCP (Model Context Protocol) connectors to Extend's internal systems and the third-party SaaS we run on: finance, CRM, data warehouse, expense management, product analytics, support, ATS, and the long tail beyond.
• Build and curate the shared library of agent skills that every team at Extend composes from. Ship skills, codify patterns, and raise the floor for what a safe, high-quality skill looks like.
• Extend our agent infrastructure. Build the tooling that lets non-engineers create reusable agent skills securely and reliably. Encode the review and publishing model for shared tooling, shared runtimes, and the feedback loop on agent behavior in production. Fill the open phases of the lifecycle that governs how skills are designed, reviewed, and shipped, so non-engineers can build and ship intelligent automation end to end.
• Build toward a connector-building agent: a meta-agent that discovers APIs, scaffolds MCP servers, and provisions access automatically. The end state is a platform that is itself an agent.
• Work with our platform teams to establish the credential scoping, OpenTelemetry instrumentation, and least-privilege patterns that every connector and skill ships with, so security is built in from day one.
• Own the employee experience for the agentic platform. Help onboard employees to the tools with self-serve guides, build skills people can learn from, and run the feedback loop between what's shipped and what adopters actually need. Your job isn't done when the connector ships. It's done when the team using it is self-sufficient.
• Design credential scoping and vending for agent connectors: how API keys are provisioned, rotated, and scoped per user, per skill, per connector. OAuth/OIDC where it fits, least-privilege everywhere.
• Build the risk-tier and review model for shared agent skills: what's safe at personal, team, and org level; sandboxing strategy; malicious dependency scanning for skills that pull in untrusted packages.
• Instrument the agent platform end-to-end with OpenTelemetry: every MCP call, every skill execution, every credential use is visible in Coralogix.

What We're Looking For:

• You've shipped production systems and can point to the seams: where they held under load, where they broke, and what you changed. Five or more years of that.
• Proficient in at least one of Python, TypeScript/Node, or Rust.
• You've built developer tooling, platforms, SDKs, or internal frameworks that other engineers depended on. You measure that work by adoption, not by what shipped.
• You can build a real third-party integration: OAuth flows, credential scoping, webhook handling, pagination, rate limiting, retry semantics. Production connectors, not tutorial work.
• Comfortable on AWS. We run on Lambda, API Gateway, DynamoDB, S3, and a managed agent runtime. You don't need to be an infra specialist, but you need to be at home.
• You've made complex systems usable by non-experts, whether through DevX work or internal tools that non-engineers actually adopted and relied on.
• You live and breathe AI tooling every day. Direct experience with Claude Code, MCP, or another agent framework (LangChain, CrewAI, AutoGen, OpenAI Agents SDK).
• Familiarity with using different agent harnesses/orchestrators for complex coding tasks and the process of building new agents.
• You've built production credential management: OAuth 2.0/OIDC, API key vending, secret rotation, least-privilege scoping. You understand that security that can be bypassed isn't security.
• Strong AWS security fundamentals: IAM, KMS, Lambda surface, serverless attack patterns. You don't need to be a security specialist, but you ship code that doesn't need a security escort.

Nice to Have:

• Experience with AWS CDK, CloudFormation, or similar infrastructure-as-code.
• Experience with OpenTelemetry, Coralogix, or equivalent observability tooling.
• Background in platform engineering, internal developer platforms (IDPs), or enterprise integration.
• Prior IC role at an early-stage startup with a small team, wide surface area, and high pace.
• Experience with LLM application security: OWASP LLM Top 10, prompt injection defense, agent sandboxing.
• Background in supply chain security, dependency scanning, or SBOM tooling.

* The target base salary range for this position is listed above. Individual salaries are determined based on a number of factors including, but not limited to, job-related knowledge, skills and experience.