Staff Security Product Engineer

Department: Product

Location: Remote - Anywhere , Europe, United States - East Coast

Employment Type: FullTime

About Cantina

Cantina is building an agentic security operating system that spans application security, security operations, and agent security.

We believe the next generation of security products should do more than aggregate alerts or automate isolated tasks. They should understand context, reason across systems, help teams investigate what matters, and safely take action.

This is still an emerging space. Many of the most important risks, design constraints, and product opportunities haven’t been discovered yet. We need people who can help us build the product while also uncovering the unknown unknowns that come with combining security systems and agentic AI.

The Role

We’re hiring a security engineer who wants to build products in the AI era.

You’ve spent years understanding how security teams actually work—how incidents get triaged, how alerts get tuned, how detection logic gets written and maintained, how appsec findings get prioritized. Now you want to build the product you wish existed.

This is not a security review role, and it’s not a generic backend engineering position. We need someone whose core instincts come from security—understanding attacker behavior, operational failure modes, what actually matters when a SOC is under pressure—and who can turn that knowledge into product.

The AI and product engineering dimensions are real parts of the job, but they’re the growth opportunity, not the entry requirement. If you have strong systems engineering skills and genuine curiosity about how agents, tools, and orchestration work, you’ll learn the rest here.

What You’ll Do

• Build product capabilities across application security, security operations, and agent security

• Turn real security workflows into product experiences and platform primitives

• Design systems that ingest, correlate, triage, and act on security signals

• Help define safe patterns for agents, tools, permissions, memory, and execution boundaries

• Identify hidden risks and failure modes that only someone with real security experience would see

• Partner with product and engineering to make strong tradeoffs between speed, usability, and security

• Contribute to evaluation, testing, observability, and guardrails for agentic behavior

• Raise the team’s overall understanding of security architecture, operations, and AI risk

What You Bring

The non-negotiable:

• Deep experience in one or more of: security engineering, application security, detection engineering, incident response, security operations, or security platform engineering

• Strong hands-on experience building and shipping software—you write code, not just review it

• The ability to reason clearly in ambiguous spaces and surface risks early

Highly valued but learnable here:

• Experience with AI/LLM application architecture, agent frameworks, or orchestration systems

• Product judgment—translating messy technical workflows into usable product decisions

• Comfort working across technical and non-technical teams

Relevant Background

You’ve likely worked with systems and workflows like these:

• SIEMs: Splunk, Elastic, Microsoft Sentinel, Chronicle, Panther, or similar

• EDR/XDR: CrowdStrike Falcon, SentinelOne, Microsoft Defender, or similar

• SOAR / Automation: Tines, Torq, Cortex XSOAR, or similar

• Appsec tooling: Semgrep, Snyk, CodeQL, Burp Suite, Wiz, or similar

We don’t expect experience with every tool above. We want someone who has been close enough to these environments to understand how modern security teams investigate, prioritize, and respond.

Technical Environment

• TypeScript / Node.js (primary stack—willingness to work in this is required, prior experience is preferred)

• API and integration-heavy systems

• Backend and distributed systems design

• Security data models, workflow design, and systems integration

Why This Role Is Different

Most security product companies hire engineers and teach them security, or hire security people and limit them to advisory roles. We’re looking for someone who can do both: ship real systems and bring the security depth to see what others will miss.

You’ll have real influence over what gets built and how. If you’ve been frustrated by security products that clearly weren’t built by anyone who’s actually worked in security, this is your chance to fix that.