Careers at Anomity

Why work here

AI agents and MCPs are the new shadow IT. They are spreading across developer machines and employee laptops faster than any security team can track, and most organizations have no inventory of what is installed, what it can touch, or how it changes from one week to the next. Anomity exists to make that layer visible and governable.

We are defining a new category: agentic endpoint security. There is no playbook to copy, which means the people who join now shape the product, the technical approach, and the way the market understands the problem. If you want your work to set the standard rather than follow one, this is the place to do it.

We are an early-access, pre-launch company. That means the decisions are still wide open and the ceiling on impact is high. You can't govern what you can't see, and we are building the system that lets security teams finally see.

What we value

Three things guide how we hire and how we build.

• Security depth. We are working with real attack surface: untrusted MCP servers, over-broad permissions, plaintext secrets, dangerous capability combinations. We want people who understand why those things matter and can reason about threat models, not just ship features.
• Low-friction product. Anomity runs as a lightweight, unprivileged daemon that discovers and governs AI artifacts without sandboxes or blocked workflows. Developers and employees shouldn't even notice it. We hold ourselves to that bar and value people who obsess over making powerful tools feel invisible.
• Customer obsession. We are building for CISOs and security engineers, and we earn their trust by being concrete, honest, and useful. We sweat the details of what they actually need and we don't oversell what the product does.

How we work

We are a small, early-stage team that operates with high ownership. People here pick up problems end to end, from the first design conversation to the customer call where it ships. Titles matter less than impact, and the scope of any role grows as fast as the person in it.

We move fast but we are deliberate about trust. The product handles sensitive signal from customer endpoints, so we treat security and isolation as first principles, not afterthoughts. Secrets stay on the endpoint, we collect metadata rather than source or prompts, and we build with SOC 2 Type II discipline. That same care shows up in how we treat each other: direct, low-ego, and focused on the work.

If you are energized by ambiguity, want to be close to customers, and would rather own an outcome than a narrow lane, you will feel at home here.

Roles opening soon

We are growing across a few broad areas: Security Engineering, Product, and Go-to-Market. Security Engineering work spans the daemon, the discovery and classification engine, and the cloud that evaluates and stores findings. Product work shapes how security teams turn raw visibility into governance they can act on. Go-to-Market work brings the category to the CISOs and security engineers who need it most.

Formal openings are being defined now and will be posted soon. If any of these areas fit what you do best, we would still like to hear from you ahead of the listings.

Reach out at [email protected]. Tell us what you want to work on and why agentic AI security is the problem you want to spend your time on. We read every note.