Staff Security Product Engineer

Cantina

About The Position

Cantina is building an agentic security operating system that spans application security, security operations, and agent security. We believe the next generation of security products should do more than aggregate alerts or automate isolated tasks. They should understand context, reason across systems, help teams investigate what matters, and safely take action. This is still an emerging space. Many of the most important risks, design constraints, and product opportunities haven’t been discovered yet. We need people who can help us build the product while also uncovering the unknown unknowns that come with combining security systems and agentic AI. We’re hiring a security engineer who wants to build products in the AI era. You’ve spent years understanding how security teams actually work—how incidents get triaged, how alerts get tuned, how detection logic gets written and maintained, how appsec findings get prioritized. Now you want to build the product you wish existed. This is not a security review role, and it’s not a generic backend engineering position. We need someone whose core instincts come from security—understanding attacker behavior, operational failure modes, what actually matters when a SOC is under pressure—and who can turn that knowledge into product. The AI and product engineering dimensions are real parts of the job, but they’re the growth opportunity, not the entry requirement. If you have strong systems engineering skills and genuine curiosity about how agents, tools, and orchestration work, you’ll learn the rest here.

Requirements

Deep experience in one or more of: security engineering, application security, detection engineering, incident response, security operations, or security platform engineering
Strong hands-on experience building and shipping software—you write code, not just review it
The ability to reason clearly in ambiguous spaces and surface risks early
TypeScript / Node.js (primary stack—willingness to work in this is required, prior experience is preferred)
API and integration-heavy systems
Backend and distributed systems design
Security data models, workflow design, and systems integration

Nice To Haves

Experience with AI/LLM application architecture, agent frameworks, or orchestration systems
Product judgment—translating messy technical workflows into usable product decisions
Comfort working across technical and non-technical teams

Responsibilities

Build product capabilities across application security, security operations, and agent security
Turn real security workflows into product experiences and platform primitives
Design systems that ingest, correlate, triage, and act on security signals
Help define safe patterns for agents, tools, permissions, memory, and execution boundaries
Identify hidden risks and failure modes that only someone with real security experience would see
Partner with product and engineering to make strong tradeoffs between speed, usability, and security
Contribute to evaluation, testing, observability, and guardrails for agentic behavior
Raise the team’s overall understanding of security architecture, operations, and AI risk

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume