{"version":"0.1","company":{"name":"YubHub","url":"https://yubhub.co","jobsUrl":"https://yubhub.co/jobs/skill/allowlisting"},"x-facet":{"type":"skill","slug":"allowlisting","display":"Allowlisting","count":1},"x-feed-size-limit":100,"x-feed-sort":"enriched_at desc","x-feed-notice":"This feed contains at most 100 jobs (the most recently enriched). For the full corpus, use the paginated /stats/by-facet endpoint or /search.","x-generator":"yubhub-xml-generator","x-rights":"Free to redistribute with attribution: \"Data by YubHub (https://yubhub.co)\"","x-schema":"Each entry in `jobs` follows https://schema.org/JobPosting. YubHub-native raw fields carry `x-` prefix.","jobs":[{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_bf018c6f-784"},"title":"Enterprise Platform Engineer","description":"<p>We&#39;re hiring an Enterprise Platform Engineer to build the foundational systems that make Cursor ready for the world&#39;s largest engineering organisations.</p>\n<p>Today we have basic organisations, simple IAM primitives, early audit logs, analytics APIs, and admin APIs , but enterprise customers need much more. You will design and build the platform layer that powers organisation management, access control, compliance, and administrative tooling across Cursor&#39;s product surface.</p>\n<p>This is a deeply technical IC role focused on building correct, secure, and scalable enterprise infrastructure , not gluing together vendor SDKs.</p>\n<p><strong>Responsibilities</strong></p>\n<ul>\n<li>Build and evolve our organisation management system , multi-level org structures, groups, roles, lifecycle, and provisioning via SCIM, so admins can manage thousands of seats without friction.</li>\n<li>Design and implement RBAC with fine-grained roles, permissions, and resource scopes that cover organisations, teams, agents, and other resources , balancing security with developer ergonomics.</li>\n<li>Extend enterprise settings and policies , org-wide defaults, security policies (allowed models, MCPs, Tools, network restrictions), and configuration inheritance across different products.</li>\n<li>Deepen our audit logging infrastructure , comprehensive, queryable, tamper-evident audit trails that satisfy customer-specific compliance requirements.</li>\n<li>Build admin APIs and internal tooling that enterprise admins, customer success, and sales engineering depend on to manage organisations, investigate access issues, and onboard large accounts.</li>\n<li>Ship compliance features end-to-end , SSO enforcement, session management, allowlisting, data analytics, and the controls that procurement and security teams require before signing.</li>\n<li>Partner with product, security, and infrastructure teams to define enterprise platform abstractions that scale across the product without slowing down feature development.</li>\n</ul>\n<p><strong>What You&#39;ll Own</strong></p>\n<ul>\n<li>Organisation management, RBAC and authorisation, enterprise settings and policies, audit logs, admin APIs, and compliance-related platform features.</li>\n</ul>\n<p><strong>What You Won&#39;t Own</strong></p>\n<ul>\n<li>SSO/IdP integration at the protocol level (we use WorkOS) or billing and payments.</li>\n</ul>\n<p><strong>Security and Correctness</strong></p>\n<p>Security and correctness are part of the job, but the goal is to build systems with enough rigor and observability that enterprise operations are boring , not to manually triage every access control edge case.</p>\n<p><strong>Requirements</strong></p>\n<ul>\n<li>You&#39;ve built multi-tenant organisation or IAM systems in production and have opinions on permission models, role inheritance, and policy evaluation.</li>\n<li>You&#39;ve shipped RBAC or ABAC systems and understand the tradeoffs between flexibility and complexity.</li>\n<li>You deeply care about correctness in authorisation and understand why &#39;fail closed&#39; matters.</li>\n<li>You can hold the tension between &#39;ship enterprise features fast&#39; and &#39;do not create security gaps or break existing access patterns.&#39;</li>\n<li>You feel comfortable shipping features end-to-end , from database schema and API design to admin UI and documentation.</li>\n</ul>\n<p style=\"margin-top:24px;font-size:13px;color:#666;\">XML job scraping automation by <a href=\"https://yubhub.co\">YubHub</a></p>","url":"https://yubhub.co/jobs/job_bf018c6f-784","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Cursor","sameAs":"https://cursor.com","logo":"https://logos.yubhub.co/cursor.com.png"},"x-apply-url":"https://cursor.com/careers/software-engineer-enterprise-platform","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["organisation management","IAM primitives","audit logs","analytics APIs","admin APIs","RBAC","ABAC","security policies","configuration inheritance","compliance requirements","SSO enforcement","session management","allowlisting","data analytics"],"x-skills-preferred":[],"datePosted":"2026-04-24T14:08:10.106Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"London"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"organisation management, IAM primitives, audit logs, analytics APIs, admin APIs, RBAC, ABAC, security policies, configuration inheritance, compliance requirements, SSO enforcement, session management, allowlisting, data analytics"}]}