[Remote] Senior AI Software Engineer, Internal Enablement

Note: The job is a remote job and is open to candidates in USA. Extend is revolutionizing the post-purchase experience for retailers with AI-driven solutions. They are seeking a Senior AI Software Engineer to develop secure coding tools for non-engineering roles, focusing on building a reliable and user-friendly platform for internal systems and third-party applications.

Responsibilities

• Design and ship secure MCP (Model Context Protocol) connectors to Extend's internal systems and the third-party SaaS we run on: finance, CRM, data warehouse, expense management, product analytics, support, ATS, and the long tail beyond
• Build and curate the shared library of agent skills that every team at Extend composes from. Ship skills, codify patterns, and raise the floor for what a safe, high-quality skill looks like
• Extend our agent infrastructure. Build the tooling that lets non-engineers create reusable agent skills securely and reliably. Encode the review and publishing model for shared tooling, shared runtimes, and the feedback loop on agent behavior in production. Fill the open phases of the lifecycle that governs how skills are designed, reviewed, and shipped, so non-engineers can build and ship intelligent automation end to end
• Build toward a connector-building agent: a meta-agent that discovers APIs, scaffolds MCP servers, and provisions access automatically. The end state is a platform that is itself an agent
• Work with our platform teams to establish the credential scoping, OpenTelemetry instrumentation, and least-privilege patterns that every connector and skill ships with, so security is built in from day one
• Own the employee experience for the agentic platform. Help onboard employees to the tools with self-serve guides, build skills people can learn from, and run the feedback loop between what's shipped and what adopters actually need. Your job isn't done when the connector ships. It's done when the team using it is self-sufficient
• Design credential scoping and vending for agent connectors: how API keys are provisioned, rotated, and scoped per user, per skill, per connector. OAuth/OIDC where it fits, least-privilege everywhere
• Build the risk-tier and review model for shared agent skills: what's safe at personal, team, and org level; sandboxing strategy; malicious dependency scanning for skills that pull in untrusted packages
• Instrument the agent platform end-to-end with OpenTelemetry: every MCP call, every skill execution, every credential use is visible in Coralogix

Skills

• You've shipped production systems and can point to the seams: where they held under load, where they broke, and what you changed. Five or more years of that
• Proficient in at least one of Python, TypeScript/Node, or Rust
• You've built developer tooling, platforms, SDKs, or internal frameworks that other engineers depended on. You measure that work by adoption, not by what shipped
• You can build a real third-party integration: OAuth flows, credential scoping, webhook handling, pagination, rate limiting, retry semantics. Production connectors, not tutorial work
• Comfortable on AWS. We run on Lambda, API Gateway, DynamoDB, S3, and a managed agent runtime. You don't need to be an infra specialist, but you need to be at home
• You've made complex systems usable by non-experts, whether through DevX work or internal tools that non-engineers actually adopted and relied on
• You live and breathe AI tooling every day. Direct experience with Claude Code, MCP, or another agent framework (LangChain, CrewAI, AutoGen, OpenAI Agents SDK)
• Familiarity with using different agent harnesses/orchestrators for complex coding tasks and the process of building new agents
• You've built production credential management: OAuth 2.0/OIDC, API key vending, secret rotation, least-privilege scoping. You understand that security that can be bypassed isn't security
• Strong AWS security fundamentals: IAM, KMS, Lambda surface, serverless attack patterns. You don't need to be a security specialist, but you ship code that doesn't need a security escort
• Experience with AWS CDK, CloudFormation, or similar infrastructure-as-code
• Experience with OpenTelemetry, Coralogix, or equivalent observability tooling
• Background in platform engineering, internal developer platforms (IDPs), or enterprise integration
• Prior IC role at an early-stage startup with a small team, wide surface area, and high pace
• Experience with LLM application security: OWASP LLM Top 10, prompt injection defense, agent sandboxing
• Background in supply chain security, dependency scanning, or SBOM tooling

Benefits

• Full medical and dental & vision benefits
• Stock in an early-stage startup growing quickly
• Generous, flexible paid time off policy
• 401(k) with Financial Guidance from Morgan Stanley

Company Overview

Company H1B Sponsorship