Engine is the customer-side runtime where agents get identity, tools, compute, and permissions. Every agent runs in its own sandboxed environment — a full workstation, not a code interpreter — and every action is authorized before it touches data, tools, or settings. You will build and harden that runtime.
What you will do
Design and operate the sandboxing layer that gives each agent its own isolated Linux, Windows, or macOS environment on ephemeral compute.
Build the per-action authorization path: identity inherited from the customer's IdP, scoped tokens, and policy checks that sit between every agent action and the systems it touches.
Extend and maintain the connector layer that gives agents permissioned reach into 800+ enterprise tools.
Make durable agents survive infrastructure churn: checkpointing, resumption, and state that outlives any single machine.
Chase down the hard tail of reliability issues that only appear inside real enterprise networks.
You will thrive in this role if you
Have built infrastructure where isolation and correctness actually mattered — sandboxes, hypervisors, container runtimes, or security boundaries.
Think in failure modes, and write code that assumes the network is hostile and the credentials are radioactive.
Like working close to the operating system without losing sight of the product the runtime exists to serve.