About Nightshift
Nightshift is the data and analytics layer for AI agents. You connect a source once, write policy in plain rules, and any agent gets exactly the data you allow, enforced down to the row the moment it asks, served over MCP. We are a small, senior team in Pittsburgh and Miami. Our own agents run on Nightshift, governed by our own policies and our own audit log.
About the role
Policy is the product. You will own the engine that takes a rule a human wrote ("support can read open invoices, with the card number masked, and never rows from a customer starting with A") and enforces it on every request, scoped to the identity behind the agent. Allow, deny, and mask, by row, by column, by value, arbitrarily deep, with human-in-the-loop approvals where a rule demands it. You also own the part people trust most: the audit log, where every decision is written down with a before and after a regulator could read.
Representative projects
- Design the policy model that expresses row, column, and value rules without becoming a programming language nobody can review
- Build the enforcement path that is fast enough to run inline on every minted endpoint
- Ship the impact preview that replays a draft policy against recorded requests so a human sees the blast radius before enabling it
- Make the audit log tamper-evident and queryable, so "who saw what, when, and why" is one search away
You may be a good fit if you
- Have built authorization, ABAC or RBAC, data masking, or compliance-grade systems
- Care deeply about the gap between "probably enforced" and "provably enforced"
- Can hold a security model in your head and explain it to someone who can't
- Want your work to be the reason a CISO says yes